diff options
author | dtucker <dtucker> | 2009-06-21 09:00:20 +0000 |
---|---|---|
committer | dtucker <dtucker> | 2009-06-21 09:00:20 +0000 |
commit | 3174388872bc126439e3809626daf4845e4e25b1 (patch) | |
tree | c96730464d00f726dcdabc496aac61b674bd7ac8 /kexdhs.c | |
parent | a9fceb5136bb94da0ddcd94808b11af741af6ea5 (diff) | |
download | openssh-3174388872bc126439e3809626daf4845e4e25b1.tar.gz |
- dtucker@cvs.openbsd.org 2009/06/21 07:37:15
[kexdhs.c kexgexs.c]
abort if key_sign fails, preventing possible null deref. Based on report
from Paolo Ganci, ok markus@ djm@
Diffstat (limited to 'kexdhs.c')
-rw-r--r-- | kexdhs.c | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhs.c,v 1.9 2006/11/06 21:25:28 markus Exp $ */ +/* $OpenBSD: kexdhs.c,v 1.10 2009/06/21 07:37:15 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -137,7 +137,9 @@ kexdh_server(Kex *kex) } /* sign H */ - PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen)); + if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, + hashlen)) < 0) + fatal("kexdh_server: key_sign failed"); /* destroy_sensitive_data(); */ |