upstream: Make sshpkt_get_bignum2() allocate the bignum it is

parsing rather than make the caller do it. Saves a lot of boilerplate code.

from markus@ ok djm@

OpenBSD-Commit-ID: 576bf784f9a240f5a1401f7005364e59aed3bce9

1 files changed, 6 insertions, 8 deletions

diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c
index 2f553175..599c7199 100644
--- a/ssh-ecdsa.c
+++ b/ssh-ecdsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ecdsa.c,v 1.14 2018/02/07 02:06:51 jsing Exp $ */
+/* $OpenBSD: ssh-ecdsa.c,v 1.16 2019/01/21 09:54:11 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -151,15 +151,13 @@ ssh_ecdsa_verify(const struct sshkey *key,
 	}
 
 	/* parse signature */
-	if ((sig = ECDSA_SIG_new()) == NULL ||
-	    (sig_r = BN_new()) == NULL ||
-	    (sig_s = BN_new()) == NULL) {
-		ret = SSH_ERR_ALLOC_FAIL;
+	if (sshbuf_get_bignum2(sigbuf, &sig_r) != 0 ||
+	    sshbuf_get_bignum2(sigbuf, &sig_s) != 0) {
+		ret = SSH_ERR_INVALID_FORMAT;
 		goto out;
 	}
-	if (sshbuf_get_bignum2(sigbuf, sig_r) != 0 ||
-	    sshbuf_get_bignum2(sigbuf, sig_s) != 0) {
-		ret = SSH_ERR_INVALID_FORMAT;
+	if ((sig = ECDSA_SIG_new()) == NULL) {
+		ret = SSH_ERR_ALLOC_FAIL;
 		goto out;
 	}
 	if (!ECDSA_SIG_set0(sig, sig_r, sig_s)) {