- djm@cvs.openbsd.org 2011/12/07 05:44:38

[auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c] fix some harmless and/or unreachable int overflows; reported Xi Wang, ok markus@
author: Damien Miller <djm@mindrot.org> 2011-12-19 00:52:50 +0100
committer: Damien Miller <djm@mindrot.org> 2011-12-19 00:52:50 +0100
commit: 8ed4de8f1dcebddd7edc0dd3c10f1cb947d831eb (patch)
tree: 3c9442e4dfcae3662f42cb53cccc7e45f98c0897 /dh.c
parent: - djm@cvs.openbsd.org 2011/12/04 23:16:12 (diff)
download: openssh-8ed4de8f1dcebddd7edc0dd3c10f1cb947d831eb.tar.xz
openssh-8ed4de8f1dcebddd7edc0dd3c10f1cb947d831eb.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/dh.c b/dh.c
index b9029d867..d943ca1e1 100644
--- a/dh.c
+++ b/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.48 2009/10/01 11:37:33 grunk Exp $ */
+/* $OpenBSD: dh.c,v 1.49 2011/12/07 05:44:38 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  *
@@ -236,6 +236,8 @@ dh_gen_key(DH *dh, int need)
 {
 	int i, bits_set, tries = 0;
 
+	if (need < 0)
+		fatal("dh_gen_key: need < 0");
 	if (dh->p == NULL)
 		fatal("dh_gen_key: dh->p == NULL");
 	if (need > INT_MAX / 2 || 2 * need >= BN_num_bits(dh->p))
author	Damien Miller <djm@mindrot.org>	2011-12-19 00:52:50 +0100
committer	Damien Miller <djm@mindrot.org>	2011-12-19 00:52:50 +0100
commit	8ed4de8f1dcebddd7edc0dd3c10f1cb947d831eb (patch)
tree	3c9442e4dfcae3662f42cb53cccc7e45f98c0897 /dh.c
parent	- djm@cvs.openbsd.org 2011/12/04 23:16:12 (diff)
download	openssh-8ed4de8f1dcebddd7edc0dd3c10f1cb947d831eb.tar.xz openssh-8ed4de8f1dcebddd7edc0dd3c10f1cb947d831eb.zip