From: Simon Tatham <anakin@pobox.com>
Date: Sun, 4 Aug 2013 19:34:00 +0000 (+0000)
Subject: Avoid trying to take the modular inverse of zero in response to a
X-Git-Tag: 0.63~8
X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=commitdiff_plain;h=9c054cf467e357fd9f61cc6217962c3f85635d7a;p=PuTTY.git

Avoid trying to take the modular inverse of zero in response to a
sufficiently silly DSA signature.

[originally from svn r9989]
---

diff --git a/sshdss.c b/sshdss.c
index bf6c3ba5..3ea36952 100644
--- a/sshdss.c
+++ b/sshdss.c
@@ -276,6 +276,12 @@ static int dss_verifysig(void *key, char *sig, int siglen,
 	return 0;
     }
 
+    if (!bignum_cmp(s, Zero)) {
+        freebn(r);
+        freebn(s);
+        return 0;
+    }
+
     /*
      * Step 1. w <- s^-1 mod q.
      */