diff options
author | Damien Miller <djm@mindrot.org> | 2013-12-29 17:45:51 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2013-12-29 17:45:51 +1100 |
commit | 0b36c83148976c7c8268f4f41497359e2fb26251 (patch) | |
tree | d851c5cdebf196e5bc34190e4b2d3e7b7068cf1b | |
parent | 4def184e9b6c36be6d965a9705632fc4c0c2a8af (diff) |
- djm@cvs.openbsd.org 2013/12/19 01:19:41
[ssh-agent.c]
bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent
that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com;
ok dtucker
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | ssh-agent.c | 5 |
2 files changed, 9 insertions, 1 deletions
@@ -23,6 +23,11 @@ | |||
23 | them. | 23 | them. |
24 | 24 | ||
25 | Diagnosis and fix by ronf AT timeheart.net | 25 | Diagnosis and fix by ronf AT timeheart.net |
26 | - djm@cvs.openbsd.org 2013/12/19 01:19:41 | ||
27 | [ssh-agent.c] | ||
28 | bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent | ||
29 | that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com; | ||
30 | ok dtucker | ||
26 | 31 | ||
27 | 20131221 | 32 | 20131221 |
28 | - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. | 33 | - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. |
diff --git a/ssh-agent.c b/ssh-agent.c index 8210a8e34..95117e076 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.180 2013/12/06 13:39:49 markus Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.181 2013/12/19 01:19:41 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -660,6 +660,9 @@ process_remove_smartcard_key(SocketEntry *e) | |||
660 | tab = idtab_lookup(version); | 660 | tab = idtab_lookup(version); |
661 | for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) { | 661 | for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) { |
662 | nxt = TAILQ_NEXT(id, next); | 662 | nxt = TAILQ_NEXT(id, next); |
663 | /* Skip file--based keys */ | ||
664 | if (id->provider == NULL) | ||
665 | continue; | ||
663 | if (!strcmp(provider, id->provider)) { | 666 | if (!strcmp(provider, id->provider)) { |
664 | TAILQ_REMOVE(&tab->idlist, id, next); | 667 | TAILQ_REMOVE(&tab->idlist, id, next); |
665 | free_identity(id); | 668 | free_identity(id); |