diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2013-06-17 12:07:32 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2013-06-17 12:07:32 +0200 |
commit | d83b3d9ebef272f11eab90dfccc8a87f777d8d5c (patch) | |
tree | 2bd25820b9c86ec8c16dd68ca745d5b427d501b1 | |
parent | 6f8b5ed679876427c4b2ff17b60a7fa3cbd02a54 (diff) | |
download | libssh-d83b3d9ebef272f11eab90dfccc8a87f777d8d5c.tar.gz libssh-d83b3d9ebef272f11eab90dfccc8a87f777d8d5c.tar.xz libssh-d83b3d9ebef272f11eab90dfccc8a87f777d8d5c.zip |
pki: Limit privkey to 4M for now.
-rw-r--r-- | include/libssh/pki.h | 1 | ||||
-rw-r--r-- | src/pki.c | 6 |
2 files changed, 7 insertions, 0 deletions
diff --git a/include/libssh/pki.h b/include/libssh/pki.h index d7fa5e5..566700b 100644 --- a/include/libssh/pki.h +++ b/include/libssh/pki.h @@ -31,6 +31,7 @@ #include "libssh/crypto.h" #define MAX_PUBKEY_SIZE 0x100000 /* 1M */ +#define MAX_PRIVKEY_SIZE 0x400000 /* 4M */ #define SSH_KEY_FLAG_EMPTY 0x0 #define SSH_KEY_FLAG_PUBLIC 0x0001 @@ -442,6 +442,12 @@ int ssh_pki_import_privkey_file(const char *filename, return SSH_ERROR; } + if (sb.st_size > MAX_PRIVKEY_SIZE) { + ssh_pki_log("Private key is bigger than 4M."); + fclose(file); + return SSH_ERROR; + } + key_buf = malloc(sb.st_size + 1); if (key_buf == NULL) { fclose(file); |