# HG changeset patch
# User Matt Johnston <matt@ucc.asn.au>
# Date 1495722083 -28800
# Node ID 4cebe907dfd0612359fbc15d79aaf2627610a377
# Parent  814f22d4a58fd5f3418aae2fad4c46c8c6039c07
limit input size

diff -r 814f22d4a58f -r 4cebe907dfd0 svr-authpubkey.c
--- a/svr-authpubkey.c	Thu May 25 00:10:18 2017 +0800
+++ b/svr-authpubkey.c	Thu May 25 22:21:23 2017 +0800
@@ -195,9 +195,9 @@
 	unsigned int pos, len;
 	int ret = DROPBEAR_FAILURE;
 
-	if (line->len < MIN_AUTHKEYS_LINE) {
-		TRACE(("checkpubkey: line too short"))
-		return DROPBEAR_FAILURE; /* line is too short for it to be a valid key */
+	if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) {
+		TRACE(("checkpubkey: bad line length %d", line->len))
+		return DROPBEAR_FAILURE;
 	}
 
 	/* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */