upstream: sshsig: return correct error, fix null-deref; ok djm

author markus@openbsd.org <markus@openbsd.org>

Fri, 6 Mar 2020 18:13:29 +0000 (18:13 +0000)

committer Damien Miller <djm@mindrot.org>

Fri, 13 Mar 2020 02:13:30 +0000 (13:13 +1100)
author markus@openbsd.org <markus@openbsd.org>
Fri, 6 Mar 2020 18:13:29 +0000 (18:13 +0000)
committer Damien Miller <djm@mindrot.org>
Fri, 13 Mar 2020 02:13:30 +0000 (13:13 +1100)
diff --git a/sshsig.c b/sshsig.c

index e63a36e1ec43c83986c061db3955b893045f044c..77df4db86175d435c9184be25f0e8a202b25d92d 100644 (file)
--- a/sshsig.c
+++ b/sshsig.c
@@ -209,8 +209,10 @@ sshsig_wrap_sign(struct sshkey *key, const char *hashalg,
                 goto done;
         }
  
-       *out = blob;
-       blob = NULL;
+       if (out != NULL) {
+               *out = blob;
+               blob = NULL;
+       }
         r = 0;
  done:
         free(sig);
@@ -424,7 +426,7 @@ hash_buffer(const struct sshbuf *m, const char *hashalg, struct sshbuf **bp)
   out:
         sshbuf_free(b);
         explicit_bzero(hash, sizeof(hash));
-       return 0;
+       return r;
  }
  
  int
@@ -552,7 +554,7 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp)
         sshbuf_free(b);
         ssh_digest_free(ctx);
         explicit_bzero(hash, sizeof(hash));
-       return 0;
+       return r;
  }
  
  int
@@ -835,7 +837,7 @@ sshsig_check_allowed_keys(const char *path, const struct sshkey *sign_key,
         char *line = NULL;
         size_t linesize = 0;
         u_long linenum = 0;
-       int r, oerrno;
+       int r = SSH_ERR_INTERNAL_ERROR, oerrno;
  
         /* Check key and principal against file */
         if ((f = fopen(path, "r")) == NULL) {
author	markus@openbsd.org <markus@openbsd.org>
	Fri, 6 Mar 2020 18:13:29 +0000 (18:13 +0000)
committer	Damien Miller <djm@mindrot.org>
	Fri, 13 Mar 2020 02:13:30 +0000 (13:13 +1100)