upstream: avoid possible NULL deref; from Pedro Martelletto

author djm@openbsd.org <djm@openbsd.org>

Mon, 18 May 2020 04:29:35 +0000 (04:29 +0000)

committer Damien Miller <djm@mindrot.org>

Wed, 27 May 2020 00:32:30 +0000 (10:32 +1000)
author djm@openbsd.org <djm@openbsd.org>
Mon, 18 May 2020 04:29:35 +0000 (04:29 +0000)
committer Damien Miller <djm@mindrot.org>
Wed, 27 May 2020 00:32:30 +0000 (10:32 +1000)
diff --git a/ssh-keygen.c b/ssh-keygen.c

index 8c23a54cf1d44cab4a97645ba9824fcd1a8648bd..2c5c75db7f0890348ff7e6ecfc0b2884862875f3 100644 (file)
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.409 2020/05/02 07:19:43 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.409.2.1 2020/05/18 19:02:13 benno Exp $ */
  /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2950,14 +2950,16 @@ do_download_sk(const char *skprovider, const char *device)
                     &keys, &nkeys)) != 0) {
                         if (i == 0 && r == SSH_ERR_KEY_WRONG_PASSPHRASE)
                                 continue;
-                       freezero(pin, strlen(pin));
+                       if (pin != NULL)
+                               freezero(pin, strlen(pin));
                         error("Unable to load resident keys: %s", ssh_err(r));
                         return -1;
                 }
         }
         if (nkeys == 0)
                 logit("No keys to download");
-       freezero(pin, strlen(pin));
+       if (pin != NULL)
+               freezero(pin, strlen(pin));
  
         for (i = 0; i < nkeys; i++) {
                 if (keys[i]->type != KEY_ECDSA_SK &&
author	djm@openbsd.org <djm@openbsd.org>
	Mon, 18 May 2020 04:29:35 +0000 (04:29 +0000)
committer	Damien Miller <djm@mindrot.org>
	Wed, 27 May 2020 00:32:30 +0000 (10:32 +1000)