pki: Limit privkey to 4M for now.

include/libssh/pki.h

@@ -31,6 +31,7 @@
 #include "libssh/crypto.h"
 
 #define MAX_PUBKEY_SIZE 0x100000 /* 1M */
+#define MAX_PRIVKEY_SIZE 0x400000 /* 4M */
 
 #define SSH_KEY_FLAG_EMPTY   0x0
 #define SSH_KEY_FLAG_PUBLIC  0x0001

src/pki.c

@@ -442,6 +442,12 @@ int ssh_pki_import_privkey_file(const char *filename,
         return SSH_ERROR;
     }
 
+    if (sb.st_size > MAX_PRIVKEY_SIZE) {
+        ssh_pki_log("Private key is bigger than 4M.");
+        fclose(file);
+        return SSH_ERROR;
+    }
+
     key_buf = malloc(sb.st_size + 1);
     if (key_buf == NULL) {
         fclose(file);