From: Ben Harris <bjh21@bjh21.me.uk>
Date: Fri, 9 Oct 2015 23:58:11 +0000 (+0100)
Subject: rsa2_pubkey_bits: Cope correctly with a NULL return from rsa2_newkey()
X-Git-Tag: 0.68~333^2~17
X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=commitdiff_plain;h=7707aa24d672de5d03ae7e66fbc2fd525dc9a24d;p=PuTTY.git

rsa2_pubkey_bits: Cope correctly with a NULL return from rsa2_newkey()

Dereferencing it is not correct.
Bug found with the help of afl-fuzz.
---

diff --git a/sshrsa.c b/sshrsa.c
index 850204c7..e565a64a 100644
--- a/sshrsa.c
+++ b/sshrsa.c
@@ -773,6 +773,8 @@ static int rsa2_pubkey_bits(const struct ssh_signkey *self,
     int ret;
 
     rsa = rsa2_newkey(self, (const char *) blob, len);
+    if (!rsa)
+	return -1;
     ret = bignum_bitcount(rsa->modulus);
     rsa2_freekey(rsa);