]> andersk Git - openssh.git/blobdiff - bufaux.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- (tim) [configure.ac sshd.8] Enable locked account check (a "*LK*" string)
[openssh.git] / bufaux.c
diff --git a/bufaux.c b/bufaux.c
index cbe77d5ae9f5b860bf8b337009931d054eb70691..106a3a0c70a66963c3751bd617608026c9410c9c 100644 (file)
--- a/bufaux.c
+++ b/bufaux.c
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: bufaux.c,v 1.33 2004/10/29 23:56:17 djm Exp $");
+RCSID("$OpenBSD: bufaux.c,v 1.37 2005/11/05 05:01:15 djm Exp $");
 
 #include <openssl/bn.h>
 #include "bufaux.h"
@@ -63,6 +63,7 @@ buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value)
        if (oi != bin_size) {
                error("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d",
                    oi, bin_size);
+               xfree(buf);
                return (-1);
        }
 
@@ -151,10 +152,10 @@ buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value)
                return (-1);
        }
        buf = xmalloc(bytes);
-       buf[0] = '\0';
+       buf[0] = 0x00;
        /* Get the value of in binary */
        oi = BN_bn2bin(value, buf+1);
-       if (oi != bytes-1) {
+       if (oi < 0 || (u_int)oi != bytes - 1) {
                error("buffer_put_bignum2_ret: BN_bn2bin() failed: "
                    "oi %d != bin_size %d", oi, bytes);
                xfree(buf);
@@ -179,7 +180,7 @@ buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
 {
        u_int len;
        u_char *bin;
-       
+
        if ((bin = buffer_get_string_ret(buffer, &len)) == NULL) {
                error("buffer_get_bignum2_ret: invalid bignum");
                return (-1);
@@ -187,10 +188,12 @@ buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
 
        if (len > 0 && (bin[0] & 0x80)) {
                error("buffer_get_bignum2_ret: negative numbers not supported");
+               xfree(bin);
                return (-1);
        }
        if (len > 8 * 1024) {
                error("buffer_get_bignum2_ret: cannot handle BN of size %d", len);
+               xfree(bin);
                return (-1);
        }
        BN_bin2bn(bin, len, value);
git-cvsimport mirror of OpenSSH
This page took 0.09389 seconds and 4 git commands to generate.