From: Simon Tatham <anakin@pobox.com>
Date: Thu, 25 Feb 2016 20:26:33 +0000 (+0000)
Subject: Fix potential segfaults in reading OpenSSH's ASN.1 key format.
X-Git-Tag: 0.67~29
X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=commitdiff_plain;h=f0222e74645297e410f90815c16474918d6ca41b;p=PuTTY.git

Fix potential segfaults in reading OpenSSH's ASN.1 key format.

The length coming back from ber_read_id_len might have overflowed, so
treat it as potentially negative. Also, while I'm here, accumulate it
inside ber_read_id_len as an unsigned, so as to avoid undefined
behaviour on integer overflow, and toint() it before return.

Thanks to Hanno Böck for spotting this, with the aid of AFL.

(cherry picked from commit 5b7833cd474a24ec098654dcba8cb9509f3bf2c1)

Conflicts:
	import.c

(cherry-picker's note: resolving the conflict involved removing an
entire section of the original commit which fixed ECDSA code not
present on this branch)
---

diff --git a/import.c b/import.c
index 466326f6..4f3ed1fa 100644
--- a/import.c
+++ b/import.c
@@ -176,14 +176,16 @@ static int ber_read_id_len(void *source, int sourcelen,
 	return -1;
 
     if (*p & 0x80) {
+        unsigned len;
 	int n = *p & 0x7F;
 	p++, sourcelen--;
 	if (sourcelen < n)
 	    return -1;
-	*length = 0;
+	len = 0;
 	while (n--)
-	    *length = (*length << 8) | (*p++);
+	    len = (len << 8) | (*p++);
 	sourcelen -= n;
+        *length = toint(len);
     } else {
 	*length = *p;
 	p++, sourcelen--;
@@ -599,7 +601,8 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase,
      * decrypt, if the key was encrypted. */
     ret = ber_read_id_len(p, key->keyblob_len, &id, &len, &flags);
     p += ret;
-    if (ret < 0 || id != 16) {
+    if (ret < 0 || id != 16 || len < 0 ||
+        key->keyblob+key->keyblob_len-p < len) {
 	errmsg = "ASN.1 decoding failure";
         retval = key->encrypted ? SSH2_WRONG_PASSPHRASE : NULL;
 	goto error;
@@ -630,7 +633,7 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase,
 	ret = ber_read_id_len(p, key->keyblob+key->keyblob_len-p,
 			      &id, &len, &flags);
 	p += ret;
-	if (ret < 0 || id != 2 ||
+	if (ret < 0 || id != 2 || len < 0 ||
 	    key->keyblob+key->keyblob_len-p < len) {
 	    errmsg = "ASN.1 decoding failure";
 	    retval = key->encrypted ? SSH2_WRONG_PASSPHRASE : NULL;