don't exit encountering short lines

--HG-- branch : fuzz
author: Matt Johnston <matt@ucc.asn.au> 2017-05-25 00:10:18 +0800
committer: Matt Johnston <matt@ucc.asn.au> 2017-05-25 00:10:18 +0800
commit: 2bc55ff428f27ef174c5bcfd6e0d18690932eb42 (patch)
tree: e71365d45edf44565deecee336ea865680cc1385 /svr-authpubkey.c
parent: ee5769f31fc5bef0c0f5f6977523918af892fa3b (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/svr-authpubkey.c b/svr-authpubkey.c
index 6612194..04d1b13 100644
--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -200,6 +200,10 @@ static int checkpubkey_line(buffer* line, int line_num, char* filename,
 		return DROPBEAR_FAILURE; /* line is too short for it to be a valid key */
 	}
 
+	/* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */
+	if (line->pos + algolen+3 > line->len) {
+		goto out;
+	}
 	/* check the key type */
 	if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) {
 		int is_comment = 0;
author	Matt Johnston <matt@ucc.asn.au>	2017-05-25 00:10:18 +0800
committer	Matt Johnston <matt@ucc.asn.au>	2017-05-25 00:10:18 +0800
commit	2bc55ff428f27ef174c5bcfd6e0d18690932eb42 (patch)
tree	e71365d45edf44565deecee336ea865680cc1385 /svr-authpubkey.c
parent	ee5769f31fc5bef0c0f5f6977523918af892fa3b (diff)