aboutsummaryrefslogtreecommitdiff
path: root/lib/vssh
diff options
context:
space:
mode:
authorJim Fuller <jim@webcomposite.com>2020-03-08 18:35:21 +0100
committerDaniel Stenberg <daniel@haxx.se>2020-03-09 15:01:40 +0100
commite96fe70cabcb3a5a009821dbb453dc0160ddc3f5 (patch)
tree256a0f3597f89eb2ab3b6f75e74ea59a54356679 /lib/vssh
parent464d944b51722084b8f607d247fa0661017dea24 (diff)
sftp: fix segfault regression introduced by #4747
This fix adds a defensive check for the case where the char *name in struct libssh2_knownhost is NULL Fixes #5041 Closes #5062
Diffstat (limited to 'lib/vssh')
-rw-r--r--lib/vssh/libssh2.c41
1 files changed, 25 insertions, 16 deletions
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 8e043747e..c487ccabb 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -694,31 +694,40 @@ static CURLcode ssh_force_knownhost_key_type(struct connectdata *conn)
while(!libssh2_knownhost_get(sshc->kh, &store, store)) {
/* For non-standard ports, the name will be enclosed in */
/* square brackets, followed by a colon and the port */
- if(store->name[0] == '[') {
- kh_name_end = strstr(store->name, "]:");
- if(!kh_name_end) {
- infof(data, "Invalid host pattern %s in %s\n",
- store->name, data->set.str[STRING_SSH_KNOWNHOSTS]);
- continue;
- }
- port = atoi(kh_name_end + 2);
- if(kh_name_end && (port == conn->remote_port)) {
- kh_name_size = strlen(store->name) - 1 - strlen(kh_name_end);
- if(strncmp(store->name + 1, conn->host.name, kh_name_size) == 0) {
+ if(store) {
+ if(store->name) {
+ if(store->name[0] == '[') {
+ kh_name_end = strstr(store->name, "]:");
+ if(!kh_name_end) {
+ infof(data, "Invalid host pattern %s in %s\n",
+ store->name, data->set.str[STRING_SSH_KNOWNHOSTS]);
+ continue;
+ }
+ port = atoi(kh_name_end + 2);
+ if(kh_name_end && (port == conn->remote_port)) {
+ kh_name_size = strlen(store->name) - 1 - strlen(kh_name_end);
+ if(strncmp(store->name + 1,
+ conn->host.name, kh_name_size) == 0) {
+ found = true;
+ break;
+ }
+ }
+ }
+ else if(strcmp(store->name, conn->host.name) == 0) {
found = true;
break;
}
}
- }
- else if(strcmp(store->name, conn->host.name) == 0) {
- found = true;
- break;
+ else {
+ found = true;
+ break;
+ }
}
}
if(found) {
infof(data, "Found host %s in %s\n",
- store->name, data->set.str[STRING_SSH_KNOWNHOSTS]);
+ conn->host.name, data->set.str[STRING_SSH_KNOWNHOSTS]);
switch(store->typemask & LIBSSH2_KNOWNHOST_KEY_MASK) {
#ifdef LIBSSH2_KNOWNHOST_KEY_ED25519