More sensible error handling when we receive an SSH1 public key

modulus of zero (!!), and also a robustness fix in ssh1_rdpkt which I happened to notice while debugging that. [originally from svn r4516]
teamnop · Aug 28, 2004 · e2cd7e4 · e2cd7e4
1 parent 60b9bfe
commit e2cd7e4
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/ssh.c b/ssh.c
@@ -827,6 +827,12 @@ static int ssh1_rdpkt(Ssh ssh, unsigned char **data, int *datalen)
     st->biglen = st->len + st->pad;
     ssh->pktin.length = st->len - 5;
 
+    if (st->biglen < 0) {
+        bombout(("Extremely large packet length from server suggests"
+		 " data stream corruption"));
+        crStop(0);
+    }
+
     if (ssh->pktin.maxlen < st->biglen) {
 	ssh->pktin.maxlen = st->biglen;
 	ssh->pktin.data = sresize(ssh->pktin.data, st->biglen + APIEXTRA,
@@ -2435,7 +2441,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt)
 
     if (!ssh1_pkt_getrsakey(ssh, &servkey, &s->keystr1) ||
 	!ssh1_pkt_getrsakey(ssh, &hostkey, &s->keystr2)) {	
-	bombout(("SSH1 public key packet stopped before public keys"));
+	bombout(("Failed to read SSH1 public keys from public key packet"));
 	crStop(0);
     }
 

diff --git a/sshrsa.c b/sshrsa.c
@@ -54,7 +54,7 @@ int makekey(unsigned char *data, int len, struct RSAKey *result,
     }
 
     n = ssh1_read_bignum(p, len, result ? &result->modulus : NULL);
-    if (n < 0) return -1;
+    if (n < 0 || bignum_bitcount(result->modulus) == 0) return -1;
     if (result)
 	result->bytes = n - 2;
     if (keystr)