upstream: NULL deref when using find-principals when matching an

author djm@openbsd.org <djm@openbsd.org>

Wed, 5 Jan 2022 04:02:42 +0000 (04:02 +0000)

committer Damien Miller <djm@mindrot.org>

Wed, 5 Jan 2022 04:12:39 +0000 (15:12 +1100)
author djm@openbsd.org <djm@openbsd.org>
Wed, 5 Jan 2022 04:02:42 +0000 (04:02 +0000)
committer Damien Miller <djm@mindrot.org>
Wed, 5 Jan 2022 04:12:39 +0000 (15:12 +1100)
diff --git a/sshsig.c b/sshsig.c

index 0dbae33a54517af86ce6994778ad2b8bd01a5fa7..f8c63f7b4ae2f107694cbcc4ba6d671ad948d000 100644 (file)
--- a/sshsig.c
+++ b/sshsig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshsig.c,v 1.26 2021/11/28 07:21:26 djm Exp $ */
+/* $OpenBSD: sshsig.c,v 1.27 2022/01/05 04:02:42 djm Exp $ */
  /*
   * Copyright (c) 2019 Google LLC
   *
@@ -921,7 +921,7 @@ check_allowed_keys_line(const char *path, u_long linenum, char *line,
         }
  
         /* Check whether options preclude the use of this key */
-       if (sigopts->namespaces != NULL &&
+       if (sigopts->namespaces != NULL && sig_namespace != NULL &&
             match_pattern_list(sig_namespace, sigopts->namespaces, 0) != 1) {
                 error("%s:%lu: key is not permitted for use in signature "
                     "namespace \"%s\"", path, linenum, sig_namespace);
author	djm@openbsd.org <djm@openbsd.org>
	Wed, 5 Jan 2022 04:02:42 +0000 (04:02 +0000)
committer	Damien Miller <djm@mindrot.org>
	Wed, 5 Jan 2022 04:12:39 +0000 (15:12 +1100)