sign/ed25519: fix the abort in case of incorrect public key

We need to check the size of public key before trying to use it.

Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>

1 files changed, 6 insertions, 6 deletions

diff --git a/src/libostree/ostree-sign-ed25519.c b/src/libostree/ostree-sign-ed25519.c
index 05fbe5eb..0aaad189 100644
--- a/src/libostree/ostree-sign-ed25519.c
+++ b/src/libostree/ostree-sign-ed25519.c
@@ -415,12 +415,12 @@ gboolean ostree_sign_ed25519_add_pk (OstreeSign *self,
       return glnx_throw (error, "Unknown ed25519 public key type");
     }
 
-  g_autofree char *hex = g_malloc0 (crypto_sign_PUBLICKEYBYTES*2 + 1);
-  g_debug ("Read ed25519 public key = %s", sodium_bin2hex (hex, crypto_sign_PUBLICKEYBYTES*2+1, key, n_elements));
-
   if (n_elements != crypto_sign_PUBLICKEYBYTES)
     return glnx_throw (error, "Incorrect ed25519 public key");
 
+  g_autofree char *hex = g_malloc0 (crypto_sign_PUBLICKEYBYTES*2 + 1);
+  g_debug ("Read ed25519 public key = %s", sodium_bin2hex (hex, crypto_sign_PUBLICKEYBYTES*2+1, key, n_elements));
+
   if (g_list_find_custom (sign->public_keys, key, _compare_ed25519_keys) == NULL)
     {
       gpointer newkey = g_memdup (key, n_elements);
@@ -449,14 +449,14 @@ _ed25519_add_revoked (OstreeSign *self,
   gsize n_elements = 0;
   gpointer key = g_base64_decode (rk_ascii, &n_elements);
 
-  g_autofree char * hex = g_malloc0 (crypto_sign_PUBLICKEYBYTES*2 + 1);
-  g_debug ("Read ed25519 revoked key = %s", sodium_bin2hex (hex, crypto_sign_PUBLICKEYBYTES*2+1, key, n_elements));
-
   if (n_elements != crypto_sign_PUBLICKEYBYTES)
     {
       return glnx_throw (error, "Incorrect ed25519 revoked key");
     }
 
+  g_autofree char * hex = g_malloc0 (crypto_sign_PUBLICKEYBYTES*2 + 1);
+  g_debug ("Read ed25519 revoked key = %s", sodium_bin2hex (hex, crypto_sign_PUBLICKEYBYTES*2+1, key, n_elements));
+
   if (g_list_find_custom (sign->revoked_keys, key, _compare_ed25519_keys) == NULL)
     {
       gpointer newkey = g_memdup (key, n_elements);