[openssh-commits] [openssh] 02/02: upstream: avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Nov 19 08:13:07 AEDT 2021


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 97f9b6e61316c97a32dad94b7a37daa9b5f6b836
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Thu Nov 18 21:11:01 2021 +0000

    upstream: avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we
    
    already did this for RSA keys). Avoids fatal errors for PKCS#11 libraries
    that return empty keyid, e.g. Microchip ATECC608B "cryptoauthlib"; bz#3364
    
    OpenBSD-Commit-ID: 054d4dc1d6a99a2e6f8eebc48207b534057c154d
---
 ssh-pkcs11.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 649a6d3b..b2e2b32a 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.54 2021/08/11 05:20:17 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.55 2021/11/18 21:11:01 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  * Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@@ -611,9 +611,10 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx,
 	k11->slotidx = slotidx;
 	/* identify key object on smartcard */
 	k11->keyid_len = keyid_attrib->ulValueLen;
-	k11->keyid = xmalloc(k11->keyid_len);
-	memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
-
+	if (k11->keyid_len > 0) {
+		k11->keyid = xmalloc(k11->keyid_len);
+		memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
+	}
 	EC_KEY_set_method(ec, ec_key_method);
 	EC_KEY_set_ex_data(ec, ec_key_idx, k11);
 

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list