comparison svr-authpubkey.c @ 1600:dc7c9fdb3716

don't allow null characters in authorized_keys
author Matt Johnston <matt@ucc.asn.au>
date Wed, 07 Mar 2018 22:16:21 +0800
parents 252b406d0e9a
children 1fbe598a14fb
1599:e37f98ea4f24 1600:dc7c9fdb3716
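--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -199,11 +199,16 @@
 unsigned int pos, len;
 int ret = DROPBEAR_FAILURE;
 
 if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) {
 TRACE(("checkpubkey_line: bad line length %d", line->len))
-return DROPBEAR_FAILURE;
+goto out;
+}
+
+if (memchr(line->data, 0x0, line->len) != NULL) {
+TRACE(("checkpubkey_line: bad line has null char"))
+goto out;
 }
 
 /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */
 if (line->pos + algolen+3 > line->len) {
 goto out;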
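Review bot: The new NUL check at new lines 207-210 carries no comment saying why an embedded NUL invalidates the line, and the rejection is reported only through `TRACE`, which presumably produces output only in debug builds. I would add a comment above the `memchr` call such as `/* the line is parsed with length-based and string-based helpers; an embedded NUL could make them disagree about where the line ends, so reject it outright */`, to be confirmed against the parsing code further down. An administrator whose key line is silently ignored would also benefit from a warning in the normal log, assuming that fits how other rejected lines are reported. The function starts and ends outside this hunk, so it is not visible whether the `out:` label is safe to reach this early now that the length check also jumps there instead of returning directly.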