Re: buffer_put_bignum2_from_string question

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Tue, 8 Apr 2014, Jan Moj??? wrote:

> Hello,
> I have question about buffer_put_bignum2_from_string
> function used in kexc25519.c in (OpenSSH >= 6.5)
> 
> Is it 1:1 replacement for formating bignums from OpenSSL?

It is intended to be.

> If yes, then buffer_put_bignum2_from_string
> has different results for numbers starting with zeros.

Yes, there is a bug. I think this fixes it:

Index: bufaux.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/bufaux.c,v
retrieving revision 1.56
diff -u -p -r1.56 bufaux.c
--- bufaux.c	2 Feb 2014 03:44:31 -0000	1.56
+++ bufaux.c	8 Apr 2014 23:04:11 -0000
@@ -370,6 +370,8 @@ buffer_put_bignum2_from_string(Buffer *b
 
 	if (l > 8 * 1024)
 		fatal("%s: length %u too long", __func__, l);
+	for (; l > 0 && *s == 0; l--, s++)
+		;
 	p = buf = xmalloc(l + 1);
 	/*
 	 * If most significant bit is set then prepend a zero byte to

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux