From 891539af6cbdbdfabb8d37fb491f7f8cadf9823c Mon Sep 17 00:00:00 2001
From: Andreas Schneider <mail@cynapses.org>
Date: Wed, 1 Apr 2009 21:24:16 +0000
Subject: Add memory error checks for crypto wrapper functions.

git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@330 7dcaeef0-15fb-0310-b436-a5af3365683c
---
 libssh/keyfiles.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'libssh/keyfiles.c')

diff --git a/libssh/keyfiles.c b/libssh/keyfiles.c
index cefcc98..d91d035 100644
--- a/libssh/keyfiles.c
+++ b/libssh/keyfiles.c
@@ -993,10 +993,14 @@ static int match_hashed_host(SSH_SESSION *session, char *host, char *sourcehash)
 	if(strncmp(sourcehash,"|1|",3) != 0)
 		return 0;
 	source=strdup(sourcehash+3);
+        if (source == NULL) {
+          leave_function();
+          return 0;
+        }
 	b64hash=strchr(source,'|');
 	if(!b64hash){
 		/* Invalid hash */
-		free(source);
+		SAFE_FREE(source);
 		leave_function();
 		return 0;
 	}
@@ -1006,6 +1010,11 @@ static int match_hashed_host(SSH_SESSION *session, char *host, char *sourcehash)
 	hash=base64_to_bin(b64hash);
 	free(source);
 	mac=hmac_init(buffer_get(salt),buffer_get_len(salt),HMAC_SHA1);
+        if (mac == NULL) {
+          SAFE_FREE(source);
+          leave_function();
+          return 0;
+        }
 	hmac_update(mac,host,strlen(host));
 	hmac_final(mac,buffer,&size);
 	if(size == buffer_get_len(hash) && memcmp(buffer,buffer_get(hash),size)==0)
-- 
cgit