diff options
-rw-r--r-- | sshkey-xmss.c | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/sshkey-xmss.c b/sshkey-xmss.c index 9e5f5e475..e8e2e3816 100644 --- a/sshkey-xmss.c +++ b/sshkey-xmss.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey-xmss.c,v 1.6 2019/10/09 00:02:57 djm Exp $ */ | 1 | /* $OpenBSD: sshkey-xmss.c,v 1.7 2019/10/14 06:00:02 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2017 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2017 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -748,7 +748,7 @@ sshkey_xmss_deserialize_state(struct sshkey *k, struct sshbuf *b) | |||
748 | u_int32_t i, lh, node; | 748 | u_int32_t i, lh, node; |
749 | size_t ls, lsl, la, lk, ln, lr; | 749 | size_t ls, lsl, la, lk, ln, lr; |
750 | char *magic; | 750 | char *magic; |
751 | int r; | 751 | int r = SSH_ERR_INTERNAL_ERROR; |
752 | 752 | ||
753 | if (state == NULL) | 753 | if (state == NULL) |
754 | return SSH_ERR_INVALID_ARGUMENT; | 754 | return SSH_ERR_INVALID_ARGUMENT; |
@@ -767,9 +767,11 @@ sshkey_xmss_deserialize_state(struct sshkey *k, struct sshbuf *b) | |||
767 | (r = sshbuf_get_string(b, &state->th_nodes, &ln)) != 0 || | 767 | (r = sshbuf_get_string(b, &state->th_nodes, &ln)) != 0 || |
768 | (r = sshbuf_get_string(b, &state->retain, &lr)) != 0 || | 768 | (r = sshbuf_get_string(b, &state->retain, &lr)) != 0 || |
769 | (r = sshbuf_get_u32(b, &lh)) != 0) | 769 | (r = sshbuf_get_u32(b, &lh)) != 0) |
770 | return r; | 770 | goto out; |
771 | if (strcmp(magic, SSH_XMSS_K2_MAGIC) != 0) | 771 | if (strcmp(magic, SSH_XMSS_K2_MAGIC) != 0) { |
772 | return SSH_ERR_INVALID_ARGUMENT; | 772 | r = SSH_ERR_INVALID_ARGUMENT; |
773 | goto out; | ||
774 | } | ||
773 | /* XXX check stackoffset */ | 775 | /* XXX check stackoffset */ |
774 | if (ls != num_stack(state) || | 776 | if (ls != num_stack(state) || |
775 | lsl != num_stacklevels(state) || | 777 | lsl != num_stacklevels(state) || |
@@ -777,8 +779,10 @@ sshkey_xmss_deserialize_state(struct sshkey *k, struct sshbuf *b) | |||
777 | lk != num_keep(state) || | 779 | lk != num_keep(state) || |
778 | ln != num_th_nodes(state) || | 780 | ln != num_th_nodes(state) || |
779 | lr != num_retain(state) || | 781 | lr != num_retain(state) || |
780 | lh != num_treehash(state)) | 782 | lh != num_treehash(state)) { |
781 | return SSH_ERR_INVALID_ARGUMENT; | 783 | r = SSH_ERR_INVALID_ARGUMENT; |
784 | goto out; | ||
785 | } | ||
782 | for (i = 0; i < num_treehash(state); i++) { | 786 | for (i = 0; i < num_treehash(state); i++) { |
783 | th = &state->treehash[i]; | 787 | th = &state->treehash[i]; |
784 | if ((r = sshbuf_get_u32(b, &th->h)) != 0 || | 788 | if ((r = sshbuf_get_u32(b, &th->h)) != 0 || |
@@ -786,7 +790,7 @@ sshkey_xmss_deserialize_state(struct sshkey *k, struct sshbuf *b) | |||
786 | (r = sshbuf_get_u32(b, &th->stackusage)) != 0 || | 790 | (r = sshbuf_get_u32(b, &th->stackusage)) != 0 || |
787 | (r = sshbuf_get_u8(b, &th->completed)) != 0 || | 791 | (r = sshbuf_get_u8(b, &th->completed)) != 0 || |
788 | (r = sshbuf_get_u32(b, &node)) != 0) | 792 | (r = sshbuf_get_u32(b, &node)) != 0) |
789 | return r; | 793 | goto out; |
790 | if (node < num_th_nodes(state)) | 794 | if (node < num_th_nodes(state)) |
791 | th->node = &state->th_nodes[node]; | 795 | th->node = &state->th_nodes[node]; |
792 | } | 796 | } |
@@ -794,7 +798,11 @@ sshkey_xmss_deserialize_state(struct sshkey *k, struct sshbuf *b) | |||
794 | xmss_set_bds_state(&state->bds, state->stack, state->stackoffset, | 798 | xmss_set_bds_state(&state->bds, state->stack, state->stackoffset, |
795 | state->stacklevels, state->auth, state->keep, state->treehash, | 799 | state->stacklevels, state->auth, state->keep, state->treehash, |
796 | state->retain, 0); | 800 | state->retain, 0); |
797 | return 0; | 801 | /* success */ |
802 | r = 0; | ||
803 | out: | ||
804 | free(magic); | ||
805 | return r; | ||
798 | } | 806 | } |
799 | 807 | ||
800 | int | 808 | int |