Skip to content

Commit

Permalink
Add check on input length
Browse files Browse the repository at this point in the history
  • Loading branch information
aveenismail committed Sep 5, 2024
1 parent b1a4f97 commit b9b0df6
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
4 changes: 4 additions & 0 deletions common/util.c
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,10 @@ bool read_ed25519_key(uint8_t *in, size_t in_len, uint8_t *out,
uint8_t decoded[128];
size_t decoded_len = sizeof(decoded);

if (in_len < (28 + 26)) {
return false;
}

if (memcmp(in, PEM_private_header, 28) != 0 ||
memcmp(in + in_len - 26, PEM_private_trailer, 25) != 0) {
return false;
Expand Down
2 changes: 1 addition & 1 deletion src/commands.c
Original file line number Diff line number Diff line change
Expand Up @@ -3098,7 +3098,7 @@ int yh_com_sign_ssh_certificate(yubihsm_context *ctx, Argument *argv,
uint8_t data[YH_MSG_BUF_SIZE + 1024] = {0};
size_t response_len = sizeof(data);

if (argv[4].len > YH_MSG_BUF_SIZE) {
if (argv[4].len != (4 + 256)) { // 4 bytes timestamp + 256 byte signature
fprintf(stderr, "Failed to sign ssh certificate: %s\n",
yh_strerror(YHR_BUFFER_TOO_SMALL));
return -1;
Expand Down

0 comments on commit b9b0df6

Please sign in to comment.