2 files changed, 18 insertions, 7 deletions

diff --git a/libssh/dh.c b/libssh/dh.c
index 439d1980..f9684215 100644
--- a/libssh/dh.c
+++ b/libssh/dh.c
@@ -234,18 +234,26 @@ int dh_generate_x(SSH_SESSION *session) {
 }
 
 /* used by server */
-void dh_generate_y(SSH_SESSION *session){
-    session->next_crypto->y=bignum_new();
+int dh_generate_y(SSH_SESSION *session) {
+    session->next_crypto->y = bignum_new();
+  if (session->next_crypto->y == NULL) {
+    return -1;
+  }
+
 #ifdef HAVE_LIBGCRYPT
-    bignum_rand(session->next_crypto->y,128);
+  bignum_rand(session->next_crypto->y, 128);
 #elif defined HAVE_LIBCRYPTO
-    bignum_rand(session->next_crypto->y,128,0,-1);
+  bignum_rand(session->next_crypto->y, 128, 0, -1);
 #endif
-    /* not harder than this */
+
+  /* not harder than this */
 #ifdef DEBUG_CRYPTO
-	ssh_print_bignum("y",session->next_crypto->y);
+  ssh_print_bignum("y", session->next_crypto->y);
 #endif
+
+  return 0;
 }
+
 /* used by server */
 void dh_generate_e(SSH_SESSION *session){
 #ifdef HAVE_LIBCRYPTO
diff --git a/libssh/server.c b/libssh/server.c
index b26c75cc..7e3eb448 100644
--- a/libssh/server.c
+++ b/libssh/server.c
@@ -274,7 +274,10 @@ static int dh_handshake_server(SSH_SESSION *session){
     }
     dh_import_e(session,e);
     free(e);
-    dh_generate_y(session);
+    if (dh_generate_y(session) < 0) {
+      ssh_set_error(session,SSH_FATAL,"Could not create y number");
+      return -1;
+    }
     dh_generate_f(session);
     f=dh_get_f(session);
     switch(session->hostkeys){