From 4fe686d35fc1bbf5f160d1619ab392e09f3bd5c5 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 26 Jun 2010 09:36:10 +1000 Subject: - markus@cvs.openbsd.org 2010/06/08 21:32:19 [ssh-pkcs11.c] check length of value returned C_GetAttributValue for != 0 from mdrtbugzilla@codefive.co.uk; bugzilla #1773; ok dtucker@ --- ChangeLog | 4 ++++ ssh-pkcs11.c | 10 ++++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index aefc0b8c9..1d990febb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,10 @@ - djm@cvs.openbsd.org 2010/05/21 05:00:36 [misc.c] colon() returns char*, so s/return (0)/return NULL/ + - markus@cvs.openbsd.org 2010/06/08 21:32:19 + [ssh-pkcs11.c] + check length of value returned C_GetAttributValue for != 0 + from mdrtbugzilla@codefive.co.uk; bugzilla #1773; ok dtucker@ 20100622 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512 diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 9460446d3..286c232c7 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.5 2010/04/15 20:32:55 markus Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.6 2010/06/08 21:32:19 markus Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -433,7 +433,13 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, Key ***keysp, error("C_GetAttributeValue failed: %lu", rv); continue; } - /* allocate buffers for attributes, XXX check ulValueLen? */ + /* check that none of the attributes are zero length */ + if (attribs[0].ulValueLen == 0 || + attribs[1].ulValueLen == 0 || + attribs[2].ulValueLen == 0) { + continue; + } + /* allocate buffers for attributes */ for (i = 0; i < 3; i++) attribs[i].pValue = xmalloc(attribs[i].ulValueLen); /* retrieve ID, modulus and public exponent of RSA key */ -- cgit v1.2.3