Displaying 1 result from an estimated 1 matches for "read_decimal_bignum".
2015 Oct 15
2
Segfault on invalid SSH keys.
...8,9 @@
bits == 0 || bits > SSHBUF_MAX_BIGNUM * 8)
return SSH_ERR_INVALID_FORMAT; /* Bad bit count... */
+ if ( ret->rsa == NULL )
+ return SSH_ERR_INVALID_FORMAT;
+
/* Get public exponent, public modulus. */
if ((r = read_decimal_bignum(&ep, ret->rsa->e)) < 0)
return r;
The crasher can be found in the bug-report (note there are
two, the second is easier to deal with):
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801530:w
I'm not a member of the list, but I'll keep an eye out for...