From e838289683c0039fac0ae6172d40b4177c17911b Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Tue, 30 Aug 2011 19:56:56 +0200 Subject: [PATCH] Prevent read_rsa_public_key() from returning an uninitialized RSA structure. In case the config file could not be opened a new but unitialized RSA structure would be returned, causing a segmentation fault later on. This would only happen in the case that the config file could be opened before, but not when read_rsa_public_key() was called. This situation could occur when the --user option was used, and the config files were not readable by the specified user. --- src/net_setup.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/src/net_setup.c b/src/net_setup.c index f18e3bfe..c4337ccc 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -113,11 +113,14 @@ bool read_rsa_public_key(connection_t *c) { xasprintf(&fname, "%s/hosts/%s", confbase, c->name); fp = fopen(fname, "r"); - if(fp) { - c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL); - fclose(fp); + if(!fp) { + logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno)); + free(fname); + return; } + c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL); + fclose(fp); free(fname); if(c->rsa_key) @@ -128,12 +131,15 @@ bool read_rsa_public_key(connection_t *c) { xasprintf(&fname, "%s/hosts/%s", confbase, c->name); fp = fopen(fname, "r"); - if(fp) { - c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL); -// RSA_blinding_on(c->rsa_key, NULL); - fclose(fp); + if(!fp) { + logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno)); + free(fname); + return; } + c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL); +// RSA_blinding_on(c->rsa_key, NULL); + fclose(fp); free(fname); if(c->rsa_key) -- 2.39.5