[openssh-commits] [openssh] 03/04: upstream: ssh-keygen -Y check-novalidate requires namespace or SEGV
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Mar 18 13:33:52 AEDT 2022
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit a0b5816f8f1f645acdf74f7bc11b34455ec30bac
Author: djm at openbsd.org <djm at openbsd.org>
Date: Fri Mar 18 02:31:25 2022 +0000
upstream: ssh-keygen -Y check-novalidate requires namespace or SEGV
will ensue. Patch from Mateusz Adamowski via GHPR#307
OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
---
ssh-keygen.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/ssh-keygen.c b/ssh-keygen.c
index d4b7f4dc..34c316d2 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.448 2022/02/01 23:32:51 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.449 2022/03/18 02:31:25 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -3538,6 +3538,12 @@ main(int argc, char **argv)
return sig_sign(identity_file, cert_principals,
argc, argv, opts, nopts);
} else if (strncmp(sign_op, "check-novalidate", 16) == 0) {
+ if (cert_principals == NULL ||
+ *cert_principals == '\0') {
+ error("Too few arguments for check-novalidate: "
+ "missing namespace");
+ exit(1);
+ }
if (ca_key_path == NULL) {
error("Too few arguments for check-novalidate: "
"missing signature file");
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list