shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-11 18:50:28 +09:00
Code Issues Packages Projects Releases Wiki Activity

dh: Avoid segmentation fault in GEX if fallback to known moduli

Browse Source 
Make ssh_fallback_group() to duplicate the modulus and generator.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Anderson Toshiyuki Sasaki
2019-06-07 19:08:53 +02:00
committed by Andreas Schneider
parent 7656911953
commit 01f4040218
1 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/dh.c
View File

@@ -571,13 +571,21 @@ int ssh_fallback_group(uint32_t pmax,
*generator = NULL; *generator = NULL;
if (pmax < 3072) { if (pmax < 3072) {
*modulus = ssh_dh_group14; bignum_dup(ssh_dh_group14, modulus);
} else if (pmax < 6144) { } else if (pmax < 6144) {
*modulus = ssh_dh_group16; bignum_dup(ssh_dh_group16, modulus);
} else { } else {
*modulus = ssh_dh_group18; bignum_dup(ssh_dh_group18, modulus);
}
if (*modulus == NULL) {
return SSH_ERROR;
}
bignum_dup(ssh_dh_generator, generator);
if (*generator == NULL) {
bignum_safe_free((*modulus));
return SSH_ERROR;
} }
*generator = ssh_dh_generator;
return SSH_OK; return SSH_OK;
} }