FreeBSD/src
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2026-06-02 11:24:32 +00:00
Code Issues Projects Releases Wiki Activity

upstream: fix hard-to-reach NULL deref during pubkey auth

Browse Source 
To hit this, the user must be using a PEM style private key with no
corresponding .pub key adjacent to it.

OpenBSD-Commit-ID: b7150acc5322fa33f21491834d9471fbe3d30f20
(cherry picked from commit cf6c0b3b94cdc223f1b8be1ef2d93e993af5d976)

Reviewed by:	emaste
This commit is contained in:
djm@openbsd.org
2026-05-13 05:11:02 +00:00
committed by Gleb Smirnoff
parent b9d16b7fd2
commit 77fd9e0cea
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
crypto/openssh/sshconnect2.c
+2 -2
View File
@@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect2.c,v 1.385 2026/04/02 07:48:13 djm Exp $ */
/* $OpenBSD: sshconnect2.c,v 1.386 2026/05/13 05:11:02 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -1277,7 +1277,7 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
* PKCS#11 tokens may not support all signature algorithms,
* so check what we get back.
*/
if ((id->key->flags & SSHKEY_FLAG_EXT) != 0 &&
if (id->key != NULL && (id->key->flags & SSHKEY_FLAG_EXT) != 0 &&
(r = sshkey_check_sigtype(*sigp, *lenp, alg)) != 0) {
debug_fr(r, "sshkey_check_sigtype");
goto out;