diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2017-05-21 18:53:09 +0800 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2017-05-21 18:53:09 +0800 |
| commit | 0ab0687a3ab86a78dc21e3051cb0f68660e385d0 (patch) | |
| tree | ae07301e0e825e5a4dcfddb463fbc9328d85db62 /signkey.c | |
| parent | 72f85ad90f84a5aaf5fb02a636e090d75d4c13bc (diff) | |
| download | dropbear-0ab0687a3ab86a78dc21e3051cb0f68660e385d0.tar.gz | |
Fix null pointer dereference found by libfuzzer
Diffstat (limited to 'signkey.c')
| -rw-r--r-- | signkey.c | 9 |
1 files changed, 5 insertions, 4 deletions
@@ -102,7 +102,8 @@ enum signkey_type signkey_type_from_name(const char* name, unsigned int namelen) return DROPBEAR_SIGNKEY_NONE; } -/* Returns a pointer to the key part specific to "type" */ +/* Returns a pointer to the key part specific to "type". +Be sure to check both (ret != NULL) and (*ret != NULL) */ void ** signkey_key_ptr(sign_key *key, enum signkey_type type) { switch (type) { @@ -297,7 +298,7 @@ void buf_put_pub_key(buffer* buf, sign_key *key, enum signkey_type type) { #if DROPBEAR_ECDSA if (signkey_is_ecdsa(type)) { ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); - if (eck) { + if (eck && *eck) { buf_put_ecdsa_pub_key(pubkeys, *eck); } } @@ -334,7 +335,7 @@ void buf_put_priv_key(buffer* buf, sign_key *key, enum signkey_type type) { #if DROPBEAR_ECDSA if (signkey_is_ecdsa(type)) { ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); - if (eck) { + if (eck && *eck) { buf_put_ecdsa_priv_key(buf, *eck); TRACE(("leave buf_put_priv_key: ecdsa done")) return; @@ -498,7 +499,7 @@ void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, #if DROPBEAR_ECDSA if (signkey_is_ecdsa(type)) { ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); - if (eck) { + if (eck && *eck) { buf_put_ecdsa_sign(sigblob, *eck, data_buf); } } |