simon-git: putty (master): Simon Tatham

Commits to Tartarus CVS repository. tartarus-commits at lists.tartarus.org
Tue Nov 10 19:07:31 GMT 2015 

TL;DR:
  fa7b23c Fix a segfault in parsing OpenSSH private key files.
  5815d6a Fix an out-of-bounds read in fgetline().
  5b7833c Fix potential segfaults in reading OpenSSH's ASN.1 key format.

Repository:     git://git.tartarus.org/simon/putty.git
On the web:     http://tartarus.org/~simon-git/gitweb/?p=putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2015-11-10 19:07:31

commit fa7b23ce9025daba08e86bb934fc430099792b9a
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=fa7b23ce9025daba08e86bb934fc430099792b9a;hp=a454399ec8d841e627d9d5e05ac977536e776754
Author: Simon Tatham <anakin at pobox.com>
Date:   Tue Nov 10 18:47:55 2015 +0000

    Fix a segfault in parsing OpenSSH private key files.
    
    The initial test for a line ending with "PRIVATE KEY-----" failed to
    take into account the possibility that the line might be shorter than
    that. Fixed by introducing a new library function strendswith(), and
    strstartswith() for good measure, and using that.
    
    Thanks to Hanno Böck for spotting this, with the aid of AFL.

 import.c |    8 ++++----
 misc.c   |   11 +++++++++++
 misc.h   |    2 ++
 3 files changed, 17 insertions(+), 4 deletions(-)

commit 5815d6a65af992881f5462097c9320f3a4716e0c
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=5815d6a65af992881f5462097c9320f3a4716e0c;hp=fa7b23ce9025daba08e86bb934fc430099792b9a
Author: Simon Tatham <anakin at pobox.com>
Date:   Tue Nov 10 18:49:09 2015 +0000

    Fix an out-of-bounds read in fgetline().
    
    Forgot that a zero-length string might have come back from fgets.
    
    Thanks to Hanno Böck for spotting this, with the aid of AFL.

 misc.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

commit 5b7833cd474a24ec098654dcba8cb9509f3bf2c1
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=5b7833cd474a24ec098654dcba8cb9509f3bf2c1;hp=5815d6a65af992881f5462097c9320f3a4716e0c
Author: Simon Tatham <anakin at pobox.com>
Date:   Tue Nov 10 18:49:51 2015 +0000

    Fix potential segfaults in reading OpenSSH's ASN.1 key format.
    
    The length coming back from ber_read_id_len might have overflowed, so
    treat it as potentially negative. Also, while I'm here, accumulate it
    inside ber_read_id_len as an unsigned, so as to avoid undefined
    behaviour on integer overflow, and toint() it before return.
    
    Thanks to Hanno Böck for spotting this, with the aid of AFL.

 import.c |   30 +++++++++++++++++++-----------
 1 file changed, 19 insertions(+), 11 deletions(-)

More information about the tartarus-commits mailing list