upstream: check sig_r and sig_s for ssh-sk keys; ok djm

author markus@openbsd.org <markus@openbsd.org>

Tue, 12 Nov 2019 19:34:00 +0000 (19:34 +0000)

committer Damien Miller <djm@mindrot.org>

Tue, 12 Nov 2019 21:54:09 +0000 (08:54 +1100)
author markus@openbsd.org <markus@openbsd.org>
Tue, 12 Nov 2019 19:34:00 +0000 (19:34 +0000)
committer Damien Miller <djm@mindrot.org>
Tue, 12 Nov 2019 21:54:09 +0000 (08:54 +1100)
diff --git a/ssh-sk.c b/ssh-sk.c

index a9da765ebfbaee79bf5749d3428f0c56c888d949..7a4bf8c6b5c9681ce671b87891085623874a6723 100644 (file)
--- a/ssh-sk.c
+++ b/ssh-sk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-sk.c,v 1.7 2019/11/12 19:32:30 markus Exp $ */
+/* $OpenBSD: ssh-sk.c,v 1.8 2019/11/12 19:34:00 markus Exp $ */
  /*
   * Copyright (c) 2019 Google LLC
   *
@@ -365,6 +365,12 @@ sshsk_ecdsa_inner_sig(struct sk_sign_response *resp, struct sshbuf **retp)
         int r = SSH_ERR_INTERNAL_ERROR;
  
         *retp = NULL;
+       /* Check response validity */
+       if (resp->sig_r == NULL || resp->sig_r == NULL) {
+               error("%s: sk_sign response invalid", __func__);
+               r = SSH_ERR_INVALID_FORMAT;
+               goto out;
+       }
         if ((inner_sig = sshbuf_new()) == NULL) {
                 r = SSH_ERR_ALLOC_FAIL;
                 goto out;
@@ -400,6 +406,12 @@ sshsk_ed25519_inner_sig(struct sk_sign_response *resp, struct sshbuf **retp)
         int r = SSH_ERR_INTERNAL_ERROR;
  
         *retp = NULL;
+       /* Check response validity */
+       if (resp->sig_r == NULL) {
+               error("%s: sk_sign response invalid", __func__);
+               r = SSH_ERR_INVALID_FORMAT;
+               goto out;
+       }
         if ((inner_sig = sshbuf_new()) == NULL) {
                 r = SSH_ERR_ALLOC_FAIL;
                 goto out;
author	markus@openbsd.org <markus@openbsd.org>
	Tue, 12 Nov 2019 19:34:00 +0000 (19:34 +0000)
committer	Damien Miller <djm@mindrot.org>
	Tue, 12 Nov 2019 21:54:09 +0000 (08:54 +1100)