upstream: fix possible null-deref in check_key_not_revoked; ok

author markus@openbsd.org <markus@openbsd.org>

Fri, 6 Mar 2020 18:25:12 +0000 (18:25 +0000)

committer Damien Miller <djm@mindrot.org>

Fri, 13 Mar 2020 02:18:09 +0000 (13:18 +1100)
author markus@openbsd.org <markus@openbsd.org>
Fri, 6 Mar 2020 18:25:12 +0000 (18:25 +0000)
committer Damien Miller <djm@mindrot.org>
Fri, 13 Mar 2020 02:18:09 +0000 (13:18 +1100)
diff --git a/hostfile.c b/hostfile.c

index 7af47adf3161f9e059d3393e83fb73f5b34cf6e7..a4a355972522f4cfbd36b06caba3be871bc85dae 100644 (file)
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.78 2020/02/26 13:40:09 jsg Exp $ */
+/* $OpenBSD: hostfile.c,v 1.79 2020/03/06 18:25:12 markus Exp $ */
  /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -312,7 +312,7 @@ check_key_not_revoked(struct hostkeys *hostkeys, struct sshkey *k)
                         continue;
                 if (sshkey_equal_public(k, hostkeys->entries[i].key))
                         return -1;
-               if (is_cert &&
+               if (is_cert && k != NULL &&
                     sshkey_equal_public(k->cert->signature_key,
                     hostkeys->entries[i].key))
                         return -1;
author	markus@openbsd.org <markus@openbsd.org>
	Fri, 6 Mar 2020 18:25:12 +0000 (18:25 +0000)
committer	Damien Miller <djm@mindrot.org>
	Fri, 13 Mar 2020 02:18:09 +0000 (13:18 +1100)