pki: Limit privkey to 4M for now.

author: Andreas Schneider <asn@cryptomilk.org> 2013-06-17 12:07:32 +0200
committer: Andreas Schneider <asn@cryptomilk.org> 2013-06-17 12:07:32 +0200
commit: d83b3d9ebef272f11eab90dfccc8a87f777d8d5c (patch)
tree: 2bd25820b9c86ec8c16dd68ca745d5b427d501b1
parent: 6f8b5ed679876427c4b2ff17b60a7fa3cbd02a54 (diff)
download: libssh-d83b3d9ebef272f11eab90dfccc8a87f777d8d5c.tar.gz
libssh-d83b3d9ebef272f11eab90dfccc8a87f777d8d5c.tar.xz
libssh-d83b3d9ebef272f11eab90dfccc8a87f777d8d5c.zip
2 files changed, 7 insertions, 0 deletions
diff --git a/include/libssh/pki.h b/include/libssh/pki.h
index d7fa5e5..566700b 100644
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@@ -31,6 +31,7 @@
 #include "libssh/crypto.h"
 
 #define MAX_PUBKEY_SIZE 0x100000 /* 1M */
+#define MAX_PRIVKEY_SIZE 0x400000 /* 4M */
 
 #define SSH_KEY_FLAG_EMPTY   0x0
 #define SSH_KEY_FLAG_PUBLIC  0x0001
diff --git a/src/pki.c b/src/pki.c
index e08ed4d..a3616c2 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -442,6 +442,12 @@ int ssh_pki_import_privkey_file(const char *filename,
         return SSH_ERROR;
     }
 
+    if (sb.st_size > MAX_PRIVKEY_SIZE) {
+        ssh_pki_log("Private key is bigger than 4M.");
+        fclose(file);
+        return SSH_ERROR;
+    }
+
     key_buf = malloc(sb.st_size + 1);
     if (key_buf == NULL) {
         fclose(file);
author	Andreas Schneider <asn@cryptomilk.org>	2013-06-17 12:07:32 +0200
committer	Andreas Schneider <asn@cryptomilk.org>	2013-06-17 12:07:32 +0200
commit	d83b3d9ebef272f11eab90dfccc8a87f777d8d5c (patch)
tree	2bd25820b9c86ec8c16dd68ca745d5b427d501b1
parent	6f8b5ed679876427c4b2ff17b60a7fa3cbd02a54 (diff)
download	libssh-d83b3d9ebef272f11eab90dfccc8a87f777d8d5c.tar.gz libssh-d83b3d9ebef272f11eab90dfccc8a87f777d8d5c.tar.xz libssh-d83b3d9ebef272f11eab90dfccc8a87f777d8d5c.zip