mirror of https://github.com/wolfSSL/wolfssh.git
Merge pull request #290 from ejohnstown/user-auth-bounds
User Authentication Bounds Checks (pull/292/head)
commit
b2d2edc6d9
|
@ -3886,18 +3886,35 @@ static int DoUserAuthRequestPublicKey(WOLFSSH* ssh, WS_UserAuthData* authData,
|
|||
if (ret == WS_SUCCESS)
|
||||
ret = GetUint32(&pk->publicKeyTypeSz, buf, len, &begin);
|
||||
|
||||
if (ret == WS_SUCCESS) {
|
||||
if (pk->publicKeyTypeSz > len - begin) {
|
||||
ret = WS_BUFFER_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (ret == WS_SUCCESS) {
|
||||
pk->publicKeyType = buf + begin;
|
||||
begin += pk->publicKeyTypeSz;
|
||||
ret = GetUint32(&pk->publicKeySz, buf, len, &begin);
|
||||
}
|
||||
|
||||
if (ret == WS_SUCCESS) {
|
||||
if (pk->publicKeySz > len - begin) {
|
||||
ret = WS_BUFFER_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (ret == WS_SUCCESS) {
|
||||
pk->publicKey = buf + begin;
|
||||
begin += pk->publicKeySz;
|
||||
|
||||
if (pk->hasSignature) {
|
||||
ret = GetUint32(&pk->signatureSz, buf, len, &begin);
|
||||
if (ret == WS_SUCCESS) {
|
||||
if (pk->signatureSz > len - begin) {
|
||||
ret = WS_BUFFER_E;
|
||||
}
|
||||
}
|
||||
if (ret == WS_SUCCESS) {
|
||||
pk->signature = buf + begin;
|
||||
begin += pk->signatureSz;
|
||||
|
@ -4043,6 +4060,12 @@ static int DoUserAuthRequest(WOLFSSH* ssh,
|
|||
ret = GetUint32(&authData.usernameSz, buf, len, &begin);
|
||||
}
|
||||
|
||||
if (ret == WS_SUCCESS) {
|
||||
if (authData.usernameSz > len - begin) {
|
||||
ret = WS_BUFFER_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (ret == WS_SUCCESS) {
|
||||
authData.username = buf + begin;
|
||||
begin += authData.usernameSz;
|
||||
|
@ -4050,6 +4073,12 @@ static int DoUserAuthRequest(WOLFSSH* ssh,
|
|||
ret = GetUint32(&authData.serviceNameSz, buf, len, &begin);
|
||||
}
|
||||
|
||||
if (ret == WS_SUCCESS) {
|
||||
if (authData.serviceNameSz > len - begin) {
|
||||
ret = WS_BUFFER_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (ret == WS_SUCCESS) {
|
||||
authData.serviceName = buf + begin;
|
||||
begin += authData.serviceNameSz;
|
||||
|
|
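Review bot: The new `pk->publicKeyTypeSz > len - begin` check, and the same pattern for `publicKeySz`, `signatureSz`, `usernameSz` and `serviceNameSz`, is only sound while `begin <= len`. The declarations are not visible in these hunks, but if `len` and `begin` are unsigned, a larger `begin` would make `len - begin` wrap and let any peer-supplied size through. That invariant presumably comes from the preceding successful GetUint32 call, so it is worth stating once next to the first check, e.g. `/* GetUint32 succeeded, so begin <= len and len - begin cannot wrap */`. Moving the read-length, bounds-check and take-pointer steps into one helper would also stop a future field from being parsed without the check. Both functions start and end outside the hunks, so any length-prefixed field parsed after `serviceName` should be confirmed to carry the same guard.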