summaryrefslogtreecommitdiffstats
path: root/crypto/openssh/bufaux.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssh/bufaux.c')
-rw-r--r--crypto/openssh/bufaux.c25
1 files changed, 20 insertions, 5 deletions
diff --git a/crypto/openssh/bufaux.c b/crypto/openssh/bufaux.c
index 79f8bbd..d3dc674 100644
--- a/crypto/openssh/bufaux.c
+++ b/crypto/openssh/bufaux.c
@@ -37,7 +37,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: bufaux.c,v 1.25 2002/04/20 09:14:58 markus Exp $");
+RCSID("$OpenBSD: bufaux.c,v 1.27 2002/06/26 08:53:12 markus Exp $");
#include <openssl/bn.h>
#include "bufaux.h"
@@ -88,6 +88,8 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value)
bits = GET_16BIT(buf);
/* Compute the number of binary bytes that follow. */
bytes = (bits + 7) / 8;
+ if (bytes > 8 * 1024)
+ fatal("buffer_get_bignum: cannot handle BN of size %d", bytes);
if (buffer_len(buffer) < bytes)
fatal("buffer_get_bignum: input buffer too small");
bin = buffer_ptr(buffer);
@@ -105,6 +107,7 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value)
u_char *buf = xmalloc(bytes);
int oi;
int hasnohigh = 0;
+
buf[0] = '\0';
/* Get the value of in binary */
oi = BN_bn2bin(value, buf+1);
@@ -128,12 +131,15 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value)
xfree(buf);
}
+/* XXX does not handle negative BNs */
void
buffer_get_bignum2(Buffer *buffer, BIGNUM *value)
{
- /**XXX should be two's-complement */
- int len;
- u_char *bin = buffer_get_string(buffer, (u_int *)&len);
+ u_int len;
+ u_char *bin = buffer_get_string(buffer, &len);
+
+ if (len > 8 * 1024)
+ fatal("buffer_get_bignum2: cannot handle BN of size %d", len);
BN_bin2bn(bin, len, value);
xfree(bin);
}
@@ -145,6 +151,7 @@ u_short
buffer_get_short(Buffer *buffer)
{
u_char buf[2];
+
buffer_get(buffer, (char *) buf, 2);
return GET_16BIT(buf);
}
@@ -153,6 +160,7 @@ u_int
buffer_get_int(Buffer *buffer)
{
u_char buf[4];
+
buffer_get(buffer, (char *) buf, 4);
return GET_32BIT(buf);
}
@@ -162,6 +170,7 @@ u_int64_t
buffer_get_int64(Buffer *buffer)
{
u_char buf[8];
+
buffer_get(buffer, (char *) buf, 8);
return GET_64BIT(buf);
}
@@ -174,6 +183,7 @@ void
buffer_put_short(Buffer *buffer, u_short value)
{
char buf[2];
+
PUT_16BIT(buf, value);
buffer_append(buffer, buf, 2);
}
@@ -182,6 +192,7 @@ void
buffer_put_int(Buffer *buffer, u_int value)
{
char buf[4];
+
PUT_32BIT(buf, value);
buffer_append(buffer, buf, 4);
}
@@ -191,6 +202,7 @@ void
buffer_put_int64(Buffer *buffer, u_int64_t value)
{
char buf[8];
+
PUT_64BIT(buf, value);
buffer_append(buffer, buf, 8);
}
@@ -207,8 +219,9 @@ buffer_put_int64(Buffer *buffer, u_int64_t value)
void *
buffer_get_string(Buffer *buffer, u_int *length_ptr)
{
- u_int len;
u_char *value;
+ u_int len;
+
/* Get the length. */
len = buffer_get_int(buffer);
if (len > 256 * 1024)
@@ -249,6 +262,7 @@ int
buffer_get_char(Buffer *buffer)
{
char ch;
+
buffer_get(buffer, &ch, 1);
return (u_char) ch;
}
@@ -260,5 +274,6 @@ void
buffer_put_char(Buffer *buffer, int value)
{
char ch = value;
+
buffer_append(buffer, &ch, 1);
}
OpenPOWER on IntegriCloud