diff options
author | Daiki Ueno <dueno@src.gnome.org> | 2018-07-14 07:36:56 +0200 |
---|---|---|
committer | Daiki Ueno <dueno@src.gnome.org> | 2018-07-14 07:40:03 +0200 |
commit | cc8d6cd12aff280f1a32b15238508a64931381d6 (patch) | |
tree | fbc47df44788a28bec1ac525faa5e632205a463e | |
parent | 2a26b20ab61919fee8b4d0ffae5e18303e41501c (diff) | |
download | gnome-keyring-wip/dueno/openssh-parse.tar.gz |
ssh-agent: Make public key parsing even robusterwip/dueno/openssh-parse
This amends commit f3f3cc70 to take into account of the fact that the
key type is prefixed to the decoded blob. Suggested by Mantas
Mikulėnas in:
https://bugzilla.gnome.org/show_bug.cgi?id=795699
-rw-r--r-- | daemon/ssh-agent/gkd-ssh-agent-util.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/daemon/ssh-agent/gkd-ssh-agent-util.c b/daemon/ssh-agent/gkd-ssh-agent-util.c index 22c64b59..1b3cc4b4 100644 --- a/daemon/ssh-agent/gkd-ssh-agent-util.c +++ b/daemon/ssh-agent/gkd-ssh-agent-util.c @@ -106,6 +106,8 @@ _gkd_ssh_agent_parse_public_key (GBytes *input, guint save; const guchar *data; gsize n_data; + const guchar *keytype; + gsize n_keytype; g_return_val_if_fail (input, NULL); @@ -137,6 +139,8 @@ _gkd_ssh_agent_parse_public_key (GBytes *input, if (at != NULL) n_data = at - data; + keytype = data; + /* Find the first space */ at = memchr (data, ' ', n_data); if (!at) { @@ -144,6 +148,8 @@ _gkd_ssh_agent_parse_public_key (GBytes *input, return NULL; } + n_keytype = at - data; + /* Skip more whitespace */ n_data -= (at - data); data = at; @@ -173,6 +179,15 @@ _gkd_ssh_agent_parse_public_key (GBytes *input, return NULL; } + /* Check if the key type is prefixed to the decoded blob */ + if (!(n_decoded > n_keytype + 4 && + egg_buffer_decode_uint32 (decoded) == n_keytype && + memcmp (keytype, decoded + 4, n_keytype) == 0)) { + g_message ("SSH public key missing key type"); + g_free (decoded); + return NULL; + } + /* Skip more whitespace */ n_data -= (at - data); data = at; |