- dtucker@cvs.openbsd.org 2009/06/21 07:37:15

[kexdhs.c kexgexs.c] abort if key_sign fails, preventing possible null deref. Based on report from Paolo Ganci, ok markus@ djm@
author: dtucker <dtucker> 2009-06-21 09:00:20 +0000
committer: dtucker <dtucker> 2009-06-21 09:00:20 +0000
commit: 3174388872bc126439e3809626daf4845e4e25b1 (patch)
tree: c96730464d00f726dcdabc496aac61b674bd7ac8 /kexgexs.c
parent: a9fceb5136bb94da0ddcd94808b11af741af6ea5 (diff)
download: openssh-3174388872bc126439e3809626daf4845e4e25b1.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/kexgexs.c b/kexgexs.c
index 76a0f8ca..8515568b 100644
--- a/kexgexs.c
+++ b/kexgexs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexs.c,v 1.11 2009/01/01 21:17:36 djm Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.12 2009/06/21 07:37:15 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -179,7 +179,9 @@ kexgex_server(Kex *kex)
 	}
 
 	/* sign H */
-	PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen));
+	if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash,
+	    hashlen)) < 0)
+		fatal("kexgex_server: key_sign failed");
 
 	/* destroy_sensitive_data(); */
author	dtucker <dtucker>	2009-06-21 09:00:20 +0000
committer	dtucker <dtucker>	2009-06-21 09:00:20 +0000
commit	3174388872bc126439e3809626daf4845e4e25b1 (patch)
tree	c96730464d00f726dcdabc496aac61b674bd7ac8 /kexgexs.c
parent	a9fceb5136bb94da0ddcd94808b11af741af6ea5 (diff)
download	openssh-3174388872bc126439e3809626daf4845e4e25b1.tar.gz