diff svr-authpubkey.c @ 1600:dc7c9fdb3716

don't allow null characters in authorized_keys
author Matt Johnston <matt@ucc.asn.au>
date Wed, 07 Mar 2018 22:16:21 +0800
parents 252b406d0e9a
children 1fbe598a14fb
line wrap: on
line diff
--- a/svr-authpubkey.c	Wed Mar 07 22:14:36 2018 +0800
+++ b/svr-authpubkey.c	Wed Mar 07 22:16:21 2018 +0800
@@ -201,7 +201,12 @@
 
 	if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) {
 		TRACE(("checkpubkey_line: bad line length %d", line->len))
-		return DROPBEAR_FAILURE;
+		goto out;
+	}
+
+	if (memchr(line->data, 0x0, line->len) != NULL) {
+		TRACE(("checkpubkey_line: bad line has null char"))
+		goto out;
 	}
 
 	/* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */