From 053a23b50d50d3270e34676d523925db0632439f Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Mon, 28 Oct 2019 14:26:27 +0100
Subject: [PATCH] SSH-01-006: Add missing NULL checks in
 pki_signature_from_rsa_blob()

Fixes T193

Signed-off-by: Andreas Schneider <asn@cryptomilk.org
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 7b9cbcebe5c1b748a7c50873d2ed8afff4e4089f)
---
 src/pki_crypto.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index 708b2ab0..f669ac30 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -1614,6 +1614,10 @@ static int pki_signature_from_rsa_blob(const ssh_key pubkey,
         blob_padded_data = (char *) ssh_string_data(sig_blob_padded);
         blob_orig = (char *) ssh_string_data(sig_blob);
 
+        if (blob_padded_data == NULL || blob_orig == NULL) {
+            goto errout;
+        }
+
         /* front-pad the buffer with zeroes */
         explicit_bzero(blob_padded_data, pad_len);
         /* fill the rest with the actual signature blob */