From 4a4b75adac862029a1064577eb5af299b1580cdd Mon Sep 17 00:00:00 2001
From: "dtucker@openbsd.org" <dtucker@openbsd.org>
Date: Fri, 10 Mar 2017 02:59:51 +0000
Subject: upstream commit

Validate digest arg in ssh_digest_final; from jjelen at
redhat.com via bz#2687, ok djm@

Upstream-ID: dbe5494dfddfe523fab341a3dab5a79e7338f878
---
 digest-openssl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'digest-openssl.c')

diff --git a/digest-openssl.c b/digest-openssl.c
index 13b63c2f..c55ceb93 100644
--- a/digest-openssl.c
+++ b/digest-openssl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest-openssl.c,v 1.5 2014/12/21 22:27:56 djm Exp $ */
+/* $OpenBSD: digest-openssl.c,v 1.6 2017/03/10 02:59:51 dtucker Exp $ */
 /*
  * Copyright (c) 2013 Damien Miller <djm@mindrot.org>
  *
@@ -158,7 +158,7 @@ ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen)
 	const struct ssh_digest *digest = ssh_digest_by_alg(ctx->alg);
 	u_int l = dlen;
 
-	if (dlen > UINT_MAX)
+	if (digest == NULL || dlen > UINT_MAX)
 		return SSH_ERR_INVALID_ARGUMENT;
 	if (dlen < digest->digest_len) /* No truncation allowed */
 		return SSH_ERR_INVALID_ARGUMENT;
-- 
cgit v1.2.1