openssh-portable icon indicating copy to clipboard operation
openssh-portable copied to clipboard
verified publisher icon openssh

Fix DEREF_AFTER_NULL in mm_answer_keyallowed()

Open maks-mishin opened this issue 1 year ago • 1 comments

After having been compared to a NULL value at monitor.c:1206, pointer 'key' is dereferenced in function auth2_record_key.

Found by RASU JSC.

maks-mishin avatar Mar 11 '24 08:03 maks-mishin

key=NULL is impossible here as sshkey_froms() won't return a NULL key. I'll look at removing the unnecessary key==NULL checks instead

djmdjm avatar Mar 30 '24 05:03 djmdjm