Mercurial > dropbear
diff svr-authpubkey.c @ 1600:dc7c9fdb3716
don't allow null characters in authorized_keys
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 07 Mar 2018 22:16:21 +0800 |
parents | 252b406d0e9a |
children | 1fbe598a14fb |
line wrap: on
line diff
--- a/svr-authpubkey.c Wed Mar 07 22:14:36 2018 +0800 +++ b/svr-authpubkey.c Wed Mar 07 22:16:21 2018 +0800 @@ -201,7 +201,12 @@ if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) { TRACE(("checkpubkey_line: bad line length %d", line->len)) - return DROPBEAR_FAILURE; + goto out; + } + + if (memchr(line->data, 0x0, line->len) != NULL) { + TRACE(("checkpubkey_line: bad line has null char")) + goto out; } /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */