changeset 1372:de1d895b1cae fuzz

don't exit encountering short lines
author Matt Johnston <matt@ucc.asn.au>
date Thu, 25 May 2017 00:10:18 +0800
parents bc9e2e148f58
children 9891bc31a1b3
files svr-authpubkey.c
diffstat 1 files changed, 4 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/svr-authpubkey.c	Thu May 25 00:09:40 2017 +0800
+++ b/svr-authpubkey.c	Thu May 25 00:10:18 2017 +0800
@@ -200,6 +200,10 @@
 		return DROPBEAR_FAILURE; /* line is too short for it to be a valid key */
 	}
 
+	/* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */
+	if (line->pos + algolen+3 > line->len) {
+		goto out;
+	}
 	/* check the key type */
 	if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) {
 		int is_comment = 0;