diff options
author | dtucker <dtucker> | 2009-06-21 09:00:20 +0000 |
---|---|---|
committer | dtucker <dtucker> | 2009-06-21 09:00:20 +0000 |
commit | 3174388872bc126439e3809626daf4845e4e25b1 (patch) | |
tree | c96730464d00f726dcdabc496aac61b674bd7ac8 /kexgexs.c | |
parent | a9fceb5136bb94da0ddcd94808b11af741af6ea5 (diff) | |
download | openssh-3174388872bc126439e3809626daf4845e4e25b1.tar.gz |
- dtucker@cvs.openbsd.org 2009/06/21 07:37:15
[kexdhs.c kexgexs.c]
abort if key_sign fails, preventing possible null deref. Based on report
from Paolo Ganci, ok markus@ djm@
Diffstat (limited to 'kexgexs.c')
-rw-r--r-- | kexgexs.c | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.11 2009/01/01 21:17:36 djm Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.12 2009/06/21 07:37:15 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -179,7 +179,9 @@ kexgex_server(Kex *kex) } /* sign H */ - PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen)); + if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, + hashlen)) < 0) + fatal("kexgex_server: key_sign failed"); /* destroy_sensitive_data(); */ |