diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2017-05-21 18:53:09 +0800 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2017-05-21 18:53:09 +0800 |
| commit | 30d3ccd419b18e1ffbc214503446d1381119825a (patch) | |
| tree | 5d6f5003dc7b625c758ebc9f278d62f405cebda6 | |
| parent | fb8fb7fed0bb822ccc11ed20229db51a3991a0e5 (diff) | |
Fix null pointer dereference found by libfuzzer
--HG--
branch : fuzz
| -rw-r--r-- | signkey.c | 9 |
1 files changed, 5 insertions, 4 deletions
@@ -102,7 +102,8 @@ enum signkey_type signkey_type_from_name(const char* name, unsigned int namelen) return DROPBEAR_SIGNKEY_NONE; } -/* Returns a pointer to the key part specific to "type" */ +/* Returns a pointer to the key part specific to "type". +Be sure to check both (ret != NULL) and (*ret != NULL) */ void ** signkey_key_ptr(sign_key *key, enum signkey_type type) { switch (type) { @@ -294,7 +295,7 @@ void buf_put_pub_key(buffer* buf, sign_key *key, enum signkey_type type) { #if DROPBEAR_ECDSA if (signkey_is_ecdsa(type)) { ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); - if (eck) { + if (eck && *eck) { buf_put_ecdsa_pub_key(pubkeys, *eck); } } @@ -331,7 +332,7 @@ void buf_put_priv_key(buffer* buf, sign_key *key, enum signkey_type type) { #if DROPBEAR_ECDSA if (signkey_is_ecdsa(type)) { ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); - if (eck) { + if (eck && *eck) { buf_put_ecdsa_priv_key(buf, *eck); TRACE(("leave buf_put_priv_key: ecdsa done")) return; @@ -495,7 +496,7 @@ void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, #if DROPBEAR_ECDSA if (signkey_is_ecdsa(type)) { ecc_key **eck = (ecc_key**)signkey_key_ptr(key, type); - if (eck) { + if (eck && *eck) { buf_put_ecdsa_sign(sigblob, *eck, data_buf); } } |