Right now the behavior of packet_{en,de}crypt on len == 0 depends on
the behavior of malloc. Instead, make these consistently fail based
on what I assume the desired behavior is due to the first error
message in each.
Signed-off-by: Alan Dunn <[email protected]>
---
src/packet_crypt.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/packet_crypt.c b/src/packet_crypt.c
index 50b8189..479cd16 100644
--- a/src/packet_crypt.c
+++ b/src/packet_crypt.c
@@ -59,7 +59,8 @@ uint32_t packet_decrypt_len(ssh_session session, char
*crypted){
int packet_decrypt(ssh_session session, void *data,uint32_t len) {
struct ssh_cipher_struct *crypto = session->current_crypto->in_cipher;
char *out = NULL;
- if(len % session->current_crypto->in_cipher->blocksize != 0){
+ if(len == 0 ||
+ len % session->current_crypto->in_cipher->blocksize != 0){
ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set on
at least one blocksize (received %d)",len);
return SSH_ERROR;
}
@@ -92,7 +93,8 @@ unsigned char *packet_encrypt(ssh_session session, void
*data, uint32_t len) {
if (!session->current_crypto) {
return NULL; /* nothing to do here */
}
- if(len % session->current_crypto->in_cipher->blocksize != 0){
+ if(len == 0 ||
+ len % session->current_crypto->in_cipher->blocksize != 0){
ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set
on at least one blocksize (received %d)",len);
return NULL;
}
--
1.7.9.5
