X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=import.c;h=d1ab75114c5cb7eba8989ec74f0f5cdaa0d7c521;hb=11f628b075cdfa88750192ccd8b94c1c8b53648b;hp=1210cc51831878b82c509dbf4ca04831558ee669;hpb=d36a4c3685f17057ba2c80ac471c1284b615469f;p=PuTTY.git

diff --git a/import.c b/import.c
index 1210cc51..d1ab7511 100644
--- a/import.c
+++ b/import.c
@@ -160,12 +160,11 @@ static int ber_read_id_len(void *source, int sourcelen,
     if ((*p & 0x1F) == 0x1F) {
 	*id = 0;
 	while (*p & 0x80) {
-	    *id = (*id << 7) | (*p & 0x7F);
 	    p++, sourcelen--;
 	    if (sourcelen == 0)
 		return -1;
+	    *id = (*id << 7) | (*p & 0x7F);
 	}
-	*id = (*id << 7) | (*p & 0x7F);
 	p++, sourcelen--;
     } else {
 	*id = *p & 0x1F;
@@ -484,9 +483,9 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase)
     struct ssh2_userkey *retval = NULL;
     char *errmsg;
     unsigned char *blob;
-    int blobsize, blobptr, privptr;
-    char *modptr;
-    int modlen;
+    int blobsize = 0, blobptr, privptr;
+    char *modptr = NULL;
+    int modlen = 0;
 
     blob = NULL;
 
@@ -560,6 +559,8 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase)
 	num_integers = 9;
     else if (key->type == OSSH_DSA)
 	num_integers = 6;
+    else
+	num_integers = 0;	       /* placate compiler warnings */
 
     /*
      * Space to create key blob in.
@@ -581,6 +582,7 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase)
 	if (ret < 0 || id != 2 ||
 	    key->keyblob+key->keyblob_len-p < len) {
 	    errmsg = "ASN.1 decoding failure";
+	    retval = SSH2_WRONG_PASSPHRASE;
 	    goto error;
 	}
 
@@ -667,7 +669,7 @@ int openssh_write(const Filename *filename, struct ssh2_userkey *key,
 		  char *passphrase)
 {
     unsigned char *pubblob, *privblob, *spareblob;
-    int publen, privlen, sparelen;
+    int publen, privlen, sparelen = 0;
     unsigned char *outblob;
     int outlen;
     struct mpint_pos numbers[9];
@@ -1201,7 +1203,7 @@ struct ssh2_userkey *sshcom_read(const Filename *filename, char *passphrase)
     struct ssh2_userkey *ret = NULL, *retkey;
     const struct ssh_signkey *alg;
     unsigned char *blob = NULL;
-    int blobsize, publen, privlen;
+    int blobsize = 0, publen, privlen;
 
     if (!key)
         return NULL;
@@ -1322,7 +1324,7 @@ struct ssh2_userkey *sshcom_read(const Filename *filename, char *passphrase)
      * Strip away the containing string to get to the real meat.
      */
     len = GET_32BIT(ciphertext);
-    if (len > cipherlen-4) {
+    if (len < 0 || len > cipherlen-4) {
         errmsg = "containing string was ill-formed";
         goto error;
     }
@@ -1389,7 +1391,8 @@ struct ssh2_userkey *sshcom_read(const Filename *filename, char *passphrase)
         publen = pos;
         pos += put_mp(blob+pos, x.start, x.bytes);
         privlen = pos - publen;
-    }
+    } else
+	return NULL;
 
     assert(privlen > 0);	       /* should have bombed by now if not */