From 095b067857df04ea498e7adf76dc0380d7deeb1d Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Thu, 25 May 2017 22:21:23 +0800
Subject: [PATCH] limit input size

--HG--
branch : fuzz
---
 svr-authpubkey.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/svr-authpubkey.c b/svr-authpubkey.c
index 04d1b139..fbee63f0 100644
--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -195,9 +195,9 @@ static int checkpubkey_line(buffer* line, int line_num, char* filename,
 	unsigned int pos, len;
 	int ret = DROPBEAR_FAILURE;
 
-	if (line->len < MIN_AUTHKEYS_LINE) {
-		TRACE(("checkpubkey: line too short"))
-		return DROPBEAR_FAILURE; /* line is too short for it to be a valid key */
+	if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) {
+		TRACE(("checkpubkey: bad line length %d", line->len))
+		return DROPBEAR_FAILURE;
 	}
 
 	/* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */
-- 
GitLab