From: simon
Date: Fri, 2 Aug 2013 06:27:56 +0000 (+0000)
Subject: Add some missing bounds checks in signature verification routines.
X-Git-Url: https://git.distorted.org.uk/~mdw/sgt/putty/commitdiff_plain/9febf7ed49d2d2f13d9addc7714acd492c2c7111

Add some missing bounds checks in signature verification routines.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9978 cda61777-01e9-0310-a592-d414129be87e
---
diff --git a/sshdss.c b/sshdss.c
index 532c13f2..2b19a921 100644
--- a/sshdss.c
+++ b/sshdss.c
@@ -72,6 +72,9 @@ static Bignum get160(char **data, int *datalen)
 {
 Bignum b;
+ if (*datalen < 20)
+ return NULL;
+
 b = bignum_from_bytes((unsigned char *)*data, 20);
 *data += 20;
 *datalen -= 20;
diff --git a/sshrsa.c b/sshrsa.c
index 7fb9694f..c4a469ee 100644
--- a/sshrsa.c
+++ b/sshrsa.c
@@ -842,6 +842,8 @@ static int rsa2_verifysig(void *key, char *sig, int siglen,
 return 0;
 }
 in = getmp(&sig, &siglen);
+ if (!in)
+ return 0;
 out = modpow(in, rsa->exponent, rsa->modulus);
 freebn(in);
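Review bot: In sshdss.c, get160 can now return NULL, but nothing at the definition tells callers so, and its callers are outside this hunk. Each caller has to test the result before handing it to bignum arithmetic; otherwise the short-input over-read that this guard removes becomes a NULL dereference on the same malformed signature. I would state the contract above the function, e.g. `/* Returns NULL, leaving *data and *datalen untouched, if fewer than 20 bytes remain. */`. The literal 20 now appears four times in the body, so a named constant for the 160-bit length would keep the guard and the read in step. The end of get160 lies outside the hunk.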
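Review bot: In rsa2_verifysig, the new `if (!in) return 0;` rejects only a signature integer that failed to decode; a decoded value of any magnitude still goes straight to `modpow(in, rsa->exponent, rsa->modulus)`. RSA verification normally also requires the signature representative to be smaller than the modulus, so that one signature has exactly one accepted encoding. Whether modpow reduces an oversized base is not visible here. I would add a comparison of `in` against `rsa->modulus` right after the NULL check, calling `freebn(in)` and returning 0 when `in` is not smaller. The guard also relies on getmp returning NULL for a truncated or oversized length prefix, which this commit does not show, and the function's body starts and ends outside the hunk.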