diff options
Diffstat (limited to 'svr-authpubkey.c')
| -rw-r--r-- | svr-authpubkey.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/svr-authpubkey.c b/svr-authpubkey.c index 6612194..04d1b13 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -200,6 +200,10 @@ static int checkpubkey_line(buffer* line, int line_num, char* filename, return DROPBEAR_FAILURE; /* line is too short for it to be a valid key */ } + /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */ + if (line->pos + algolen+3 > line->len) { + goto out; + } /* check the key type */ if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) { int is_comment = 0; |