diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2018-03-07 22:16:21 +0800 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2018-03-07 22:16:21 +0800 |
| commit | 27828c742c0c5e024aa5dd1a5333d64cb4a1b16c (patch) | |
| tree | b039cea0e384984fbbf91b0359d62ce56aab93d8 /svr-authpubkey.c | |
| parent | ed4c38ba467618a7193f4e5dec1d5f0169e0c227 (diff) | |
don't allow null characters in authorized_keys
Diffstat (limited to 'svr-authpubkey.c')
| -rw-r--r-- | svr-authpubkey.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/svr-authpubkey.c b/svr-authpubkey.c index e97b158..ec14ec0 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -201,7 +201,12 @@ static int checkpubkey_line(buffer* line, int line_num, const char* filename, if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) { TRACE(("checkpubkey_line: bad line length %d", line->len)) - return DROPBEAR_FAILURE; + goto out; + } + + if (memchr(line->data, 0x0, line->len) != NULL) { + TRACE(("checkpubkey_line: bad line has null char")) + goto out; } /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */ |