upstream: avoid NULL deref via ssh-keygen -Y find-principals.

bz3409, reported by Mateusz Adamowski

OpenBSD-Commit-ID: a3b2c02438052ee858e0ee18e5a288586b5df2c5
This commit is contained in:
djm@openbsd.org 2022-03-30 04:27:51 +00:00 committed by Damien Miller
parent e937514920
commit 6d4fc51adb

View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshsig.c,v 1.28 2022/02/01 23:34:47 djm Exp $ */
/* $OpenBSD: sshsig.c,v 1.29 2022/03/30 04:27:51 djm Exp $ */
/*
* Copyright (c) 2019 Google LLC
*
@ -739,7 +739,7 @@ parse_principals_key_and_options(const char *path, u_long linenum, char *line,
return SSH_ERR_KEY_NOT_FOUND; /* blank or all-comment line */
/* format: identity[,identity...] [option[,option...]] key */
if ((tmp = strdelimw(&cp)) == NULL) {
if ((tmp = strdelimw(&cp)) == NULL || cp == NULL) {
error("%s:%lu: invalid line", path, linenum);
r = SSH_ERR_INVALID_FORMAT;
goto out;
@ -777,6 +777,11 @@ parse_principals_key_and_options(const char *path, u_long linenum, char *line,
r = SSH_ERR_INVALID_FORMAT;
goto out;
}
if (cp == NULL || *cp == '\0') {
error("%s:%lu: missing key", path, linenum);
r = SSH_ERR_INVALID_FORMAT;
goto out;
}
*cp++ = '\0';
skip_space(&cp);
if (sshkey_read(key, &cp) != 0) {