upstream: avoid possible NULL deref; from Pedro Martelletto

OpenBSD-Commit-ID: e6099c3fbb70aa67eb106e84d8b43f1fa919b721
author: djm@openbsd.org <djm@openbsd.org> 2020-05-18 04:29:35 +0000
committer: Damien Miller <djm@mindrot.org> 2020-05-27 10:13:17 +1000
commit: 2a63ce5cd6d0e782783bf721462239b03757dd49 (patch)
tree: dc7ccb95604ba6f0fc023a2b6c54e707409eb71d /ssh-keygen.c
parent: 4b307faf2fb0e63e51a550b37652f7f972df9676 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index bcf1ece39..405903319 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.410 2020/05/13 09:55:57 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.411 2020/05/18 04:29:35 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2954,14 +2954,16 @@ do_download_sk(const char *skprovider, const char *device)
                    &keys, &nkeys)) != 0) {
                        if (i == 0 && r == SSH_ERR_KEY_WRONG_PASSPHRASE)
                                continue;
-                        freezero(pin, strlen(pin));
+                        if (pin != NULL)
+                                freezero(pin, strlen(pin));
                        error("Unable to load resident keys: %s", ssh_err(r));
                        return -1;
                }
        }
        if (nkeys == 0)
                logit("No keys to download");
-        freezero(pin, strlen(pin));
+        if (pin != NULL)
+                freezero(pin, strlen(pin));
        for (i = 0; i < nkeys; i++) {
                if (keys[i]->type != KEY_ECDSA_SK &&
author	djm@openbsd.org <djm@openbsd.org>	2020-05-18 04:29:35 +0000
committer	Damien Miller <djm@mindrot.org>	2020-05-27 10:13:17 +1000
commit	2a63ce5cd6d0e782783bf721462239b03757dd49 (patch)
tree	dc7ccb95604ba6f0fc023a2b6c54e707409eb71d /ssh-keygen.c
parent	4b307faf2fb0e63e51a550b37652f7f972df9676 (diff)