shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-10 18:28:10 +09:00
Code Issues Packages Projects Releases Wiki Activity

Add safety checks for all ssh_string_fill calls

Browse Source 
These calls can fail and the return code should always be checked. These
issues were identified when code review called it out on new code. The
updates here are to existing code with no behavior changes to make
review simpler.

Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit daeee74edd)
This commit is contained in:
Dirkjan Bussink
2020-12-10 14:01:32 +00:00
committed by Jakub Jelen
parent 0a5b93e479
commit 04824e2f5e
8 changed files with 97 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/unittests/torture_pki_ed25519.c
View File

@@ -796,7 +796,8 @@ static void torture_pki_ed25519_verify(void **state){
assert_true(rc == SSH_OK);
assert_non_null(pubkey);
ssh_string_fill(blob, ref_signature, ED25519_SIG_LEN);
rc = ssh_string_fill(blob, ref_signature, ED25519_SIG_LEN);
assert_int_equal(rc, 0);
sig = pki_signature_from_blob(pubkey, blob, SSH_KEYTYPE_ED25519, SSH_DIGEST_AUTO);
assert_non_null(sig);
@@ -853,7 +854,8 @@ static void torture_pki_ed25519_verify_bad(void **state){
/* alter signature and expect false result */
for (i=0; i < ED25519_SIG_LEN; ++i){
ssh_string_fill(blob, ref_signature, ED25519_SIG_LEN);
rc = ssh_string_fill(blob, ref_signature, ED25519_SIG_LEN);
assert_int_equal(rc, 0);
((uint8_t *)ssh_string_data(blob))[i] ^= 0xff;
sig = pki_signature_from_blob(pubkey, blob, SSH_KEYTYPE_ED25519, SSH_DIGEST_AUTO);
assert_non_null(sig);