upstream: sshsig: return correct error, fix null-deref; ok djm

OpenBSD-Commit-ID: 1d1af7cd538b8b23e621cf7ab84f11e7a923edcd
author: markus@openbsd.org <markus@openbsd.org> 2020-03-06 18:13:29 +0000
committer: Damien Miller <djm@mindrot.org> 2020-03-13 13:13:30 +1100
commit: 15be29e1e3318737b0768ca37d5b4a3fbe868ef0 (patch)
tree: 77ff97e2ccf17153374a863ed935a0724f2d2a94 /sshsig.c
parent: 6fb6f186cb62a6370fba476b6a03478a1e95c30d (diff)
1 files changed, 7 insertions, 5 deletions
diff --git a/sshsig.c b/sshsig.c
index e63a36e1e..77df4db86 100644
--- a/sshsig.c
+++ b/sshsig.c
@@ -209,8 +209,10 @@ sshsig_wrap_sign(struct sshkey *key, const char *hashalg,
                goto done;
        }
-        *out = blob;
+        if (out != NULL) {
-        blob = NULL;
+                *out = blob;
+                blob = NULL;
+        }
        r = 0;
 done:
        free(sig);
@@ -424,7 +426,7 @@ hash_buffer(const struct sshbuf *m, const char *hashalg, struct sshbuf **bp)
 out:
        sshbuf_free(b);
        explicit_bzero(hash, sizeof(hash));
-        return 0;
+        return r;
 }
 int
@@ -552,7 +554,7 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp)
        sshbuf_free(b);
        ssh_digest_free(ctx);
        explicit_bzero(hash, sizeof(hash));
-        return 0;
+        return r;
 }
 int
@@ -835,7 +837,7 @@ sshsig_check_allowed_keys(const char *path, const struct sshkey *sign_key,
        char *line = NULL;
        size_t linesize = 0;
        u_long linenum = 0;
-        int r, oerrno;
+        int r = SSH_ERR_INTERNAL_ERROR, oerrno;
        /* Check key and principal against file */
        if ((f = fopen(path, "r")) == NULL) {
author	markus@openbsd.org <markus@openbsd.org>	2020-03-06 18:13:29 +0000
committer	Damien Miller <djm@mindrot.org>	2020-03-13 13:13:30 +1100
commit	15be29e1e3318737b0768ca37d5b4a3fbe868ef0 (patch)
tree	77ff97e2ccf17153374a863ed935a0724f2d2a94 /sshsig.c
parent	6fb6f186cb62a6370fba476b6a03478a1e95c30d (diff)