pki: NULL check pki_signature_from_rsa_blob result

Check for a potential NULL result from `pki_signature_from_rsa_blob` in `pki_signature_from_blob`. Otherwise the following `sig->type_c` will result in a segfault. Introduced in 7f83a1efae6a7da19e18268d6298fc11b4e68c57. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-29 16:16:29 -05:00 · 2019-01-29 16:16:29 -05:00 · ccd73db90c
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@ -1681,6 +1681,9 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
        case SSH_KEYTYPE_RSA:
        case SSH_KEYTYPE_RSA1:
            sig = pki_signature_from_rsa_blob(pubkey, sig_blob, sig);
+            if (sig == NULL) {
+                return NULL;
+            }
            sig->type_c = ssh_key_signature_to_char(type, hash_type);
            break;
        case SSH_KEYTYPE_ECDSA:
--- a/src/pki_mbedcrypto.c
+++ b/src/pki_mbedcrypto.c
@ -917,6 +917,9 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
    switch(type) {
        case SSH_KEYTYPE_RSA:
            sig = pki_signature_from_rsa_blob(pubkey, sig_blob, sig);
+            if (sig == NULL) {
+                return NULL;
+            }
            sig->type_c = ssh_key_signature_to_char(type, hash_type);
            break;
        case SSH_KEYTYPE_ECDSA: {