From 4cf87f4b81fa9380bce5fcff7b0f8382ae3ad996 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Wed, 10 Dec 2014 01:24:09 +0000
Subject: [PATCH] upstream commit

better error value for invalid signature length
---
 sshkey.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/sshkey.c b/sshkey.c
index 698173866..cf126626e 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.5 2014/11/18 01:02:25 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.6 2014/12/10 01:24:09 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -2124,10 +2124,7 @@ sshkey_verify(const struct sshkey *key,
     const u_char *sig, size_t siglen,
     const u_char *data, size_t dlen, u_int compat)
 {
-	if (siglen == 0)
-		return -1;
-
-	if (dlen > SSH_KEY_MAX_SIGN_DATA_SIZE)
+	if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE)
 		return SSH_ERR_INVALID_ARGUMENT;
 	switch (key->type) {
 #ifdef WITH_OPENSSL