pki: Limit privkey to 4M for now.

2025-08-08 19:02:06 +03:00 · 2013-06-17 12:07:32 +02:00
parent 6f8b5ed679
commit d83b3d9ebe
2 changed files with 7 additions and 0 deletions
--- a/include/libssh/pki.h
+++ b/include/libssh/pki.h
@@ -31,6 +31,7 @@
 #include "libssh/crypto.h"

 #define MAX_PUBKEY_SIZE 0x100000 /* 1M */
+#define MAX_PRIVKEY_SIZE 0x400000 /* 4M */

 #define SSH_KEY_FLAG_EMPTY   0x0
 #define SSH_KEY_FLAG_PUBLIC  0x0001
--- a/src/pki.c
+++ b/src/pki.c
@@ -442,6 +442,12 @@ int ssh_pki_import_privkey_file(const char *filename,
        return SSH_ERROR;
    }

+    if (sb.st_size > MAX_PRIVKEY_SIZE) {
+        ssh_pki_log("Private key is bigger than 4M.");
+        fclose(file);
+        return SSH_ERROR;
+    }
+
    key_buf = malloc(sb.st_size + 1);
    if (key_buf == NULL) {
        fclose(file);