diff options
| author | Damien Miller <djm@mindrot.org> | 2014-02-24 15:57:22 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-02-24 15:57:22 +1100 |
| commit | bee3a234f3d1ad4244952bcff1b4b7c525330dc2 (patch) | |
| tree | e3f5fe82137543252f9adf7e92f7895bd367d687 /ssh-ed25519.c | |
| parent | 0628780abe61e7e50cba48cdafb1837f49ff23b2 (diff) | |
- djm@cvs.openbsd.org 2014/02/23 20:03:42
[ssh-ed25519.c]
check for unsigned overflow; not reachable in OpenSSH but others might
copy our code...
Diffstat (limited to 'ssh-ed25519.c')
| -rw-r--r-- | ssh-ed25519.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/ssh-ed25519.c b/ssh-ed25519.c index 56c480df2..160d1f23b 100644 --- a/ssh-ed25519.c +++ b/ssh-ed25519.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-ed25519.c,v 1.2 2014/02/02 03:44:31 djm Exp $ */ | 1 | /* $OpenBSD: ssh-ed25519.c,v 1.3 2014/02/23 20:03:42 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2013 Markus Friedl <markus@openbsd.org> | 3 | * Copyright (c) 2013 Markus Friedl <markus@openbsd.org> |
| 4 | * | 4 | * |
| @@ -21,6 +21,7 @@ | |||
| 21 | 21 | ||
| 22 | #include "crypto_api.h" | 22 | #include "crypto_api.h" |
| 23 | 23 | ||
| 24 | #include <limits.h> | ||
| 24 | #include <string.h> | 25 | #include <string.h> |
| 25 | #include <stdarg.h> | 26 | #include <stdarg.h> |
| 26 | 27 | ||
| @@ -45,6 +46,11 @@ ssh_ed25519_sign(const Key *key, u_char **sigp, u_int *lenp, | |||
| 45 | error("%s: no ED25519 key", __func__); | 46 | error("%s: no ED25519 key", __func__); |
| 46 | return -1; | 47 | return -1; |
| 47 | } | 48 | } |
| 49 | |||
| 50 | if (datalen >= UINT_MAX - crypto_sign_ed25519_BYTES) { | ||
| 51 | error("%s: datalen %u too long", __func__, datalen); | ||
| 52 | return -1; | ||
| 53 | } | ||
| 48 | smlen = slen = datalen + crypto_sign_ed25519_BYTES; | 54 | smlen = slen = datalen + crypto_sign_ed25519_BYTES; |
| 49 | sig = xmalloc(slen); | 55 | sig = xmalloc(slen); |
| 50 | 56 | ||