upstream: avoid NULL dereference when attempting to convert invalid

author djm@openbsd.org <djm@openbsd.org>

Fri, 1 May 2020 04:23:11 +0000 (04:23 +0000)

committer Damien Miller <djm@mindrot.org>

Fri, 1 May 2020 06:40:11 +0000 (16:40 +1000)
author djm@openbsd.org <djm@openbsd.org>
Fri, 1 May 2020 04:23:11 +0000 (04:23 +0000)
committer Damien Miller <djm@mindrot.org>
Fri, 1 May 2020 06:40:11 +0000 (16:40 +1000)
diff --git a/ssh-keygen.c b/ssh-keygen.c

index d50ca5f28c517c24831fd8e329bf3339f7dcc64c..d7974f3dcac2b8943ae296ea1b1c1c3af9fefada 100644 (file)
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.407 2020/04/20 04:43:57 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.408 2020/05/01 04:23:11 djm Exp $ */
  /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -669,9 +669,10 @@ do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private)
                 encoded[len-3] = '\0';
         if ((r = sshbuf_b64tod(buf, encoded)) != 0)
                 fatal("%s: base64 decoding failed: %s", __func__, ssh_err(r));
-       if (*private)
-               *k = do_convert_private_ssh2(buf);
-       else if ((r = sshkey_fromb(buf, k)) != 0)
+       if (*private) {
+               if ((*k = do_convert_private_ssh2(buf)) == NULL)
+                       fatal("%s: private key conversion failed", __func__);
+       } else if ((r = sshkey_fromb(buf, k)) != 0)
                 fatal("decode blob failed: %s", ssh_err(r));
         sshbuf_free(buf);
         fclose(fp);
author	djm@openbsd.org <djm@openbsd.org>
	Fri, 1 May 2020 04:23:11 +0000 (04:23 +0000)
committer	Damien Miller <djm@mindrot.org>
	Fri, 1 May 2020 06:40:11 +0000 (16:40 +1000)