projects / openwrt / staging / dedeckeh.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 127b630)
dropbear: avoid empty input in base64_decode
authorKonstantin Demin <rockdrilla@gmail.com>
Tue, 16 Oct 2018 13:31:35 +0000 (16:31 +0300)
committerHans Dedecker <dedeckeh@gmail.com>
Thu, 8 Nov 2018 10:07:05 +0000 (11:07 +0100)
cherry-pick upstream commit ee5769f31fc5bef0c0f5f6977523918af892fa3b

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
package/network/services/dropbear/patches/004-avoid-empty-input-in-base64_decode.patch [new file with mode: 0644] patch | blob

diff --git a/package/network/services/dropbear/patches/004-avoid-empty-input-in-base64_decode.patch b/package/network/services/dropbear/patches/004-avoid-empty-input-in-base64_decode.patch
new file mode 100644 (file)
index 0000000..4f326c9
--- /dev/null
+++ b/package/network/services/dropbear/patches/004-avoid-empty-input-in-base64_decode.patch
@@ -0,0 +1,12 @@
+--- a/signkey.c
++++ b/signkey.c
+@@ -580,6 +580,9 @@ int cmp_base64_key(const unsigned char*
+       /* now we have the actual data */
+       len = line->len - line->pos;
++      if (len == 0) {
++              return DROPBEAR_FAILURE;
++      }
+       decodekeylen = len * 2; /* big to be safe */
+       decodekey = buf_new(decodekeylen);
Staging tree of dedeckeh