]> asedeno.scripts.mit.edu Git - PuTTY.git/commitdiff
Fix a null-pointer dereference in ecdsa_verifysig.
authorBen Harris <bjh21@bjh21.me.uk>
Sun, 18 Oct 2015 17:55:42 +0000 (18:55 +0100)
committerBen Harris <bjh21@bjh21.me.uk>
Wed, 28 Oct 2015 22:08:59 +0000 (22:08 +0000)
Bug found with the help of afl-fuzz.

sshecc.c

index 541dd63cdb885b9b645be8aa41c9d4ac6dcfbcc8..3912c5f1bd3e82ee58a032e13ead034124a1af66 100644 (file)
--- a/sshecc.c
+++ b/sshecc.c
@@ -2268,6 +2268,7 @@ static int ecdsa_verifysig(void *key, const char *sig, int siglen,
     }
 
     getstring(&sig, &siglen, &p, &slen);
+    if (!p) return 0;
     if (ec->publicKey.curve->type == EC_EDWARDS) {
         struct ec_point *r;
         Bignum s, h;