authorNeal Patel <nealpatel@google.com>2025-09-10 14:27:42 -0400
committerGopher Robot <gobot@golang.org>2025-11-19 11:28:34 -0800
commitf91f7a7c31bf90b39c1de895ad116a2bacc88748 (patch)
tree814863f3118dff7cd50a6494cdfad81a85d6a709 /ssh/agent/server_test.go
parent2df4153a0311bdfea44376e0eb6ef2faefb0275b (diff)
downloadgo-x-crypto-f91f7a7c31bf90b39c1de895ad116a2bacc88748.tar.xz
ssh/agent: prevent panic on malformed constraint
An attacker could supply a malformed Constraint that would trigger a panic in a serving agent, effectively causing denial of service. Thank you to Jakub Ciolek for reporting this issue. Fixes CVE-2025-47914 Fixes golang/go#76364 Change-Id: I195bbc68b1560d4f04897722a6a653a7cbf086eb Reviewed-on: https://go-review.googlesource.com/c/crypto/+/721960 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com>
Diffstat (limited to 'ssh/agent/server_test.go')
-rw-r--r--ssh/agent/server_test.go7
1 files changed, 7 insertions, 0 deletions
diff --git a/ssh/agent/server_test.go b/ssh/agent/server_test.go
index 7700d18..6309e2d 100644
--- a/ssh/agent/server_test.go
+++ b/ssh/agent/server_test.go
@@ -8,6 +8,7 @@ import (
"crypto"
"crypto/rand"
"fmt"
+ "io"
pseudorand "math/rand"
"reflect"
"strings"
@@ -258,6 +259,12 @@ func TestParseConstraints(t *testing.T) {
t.Errorf("got extension %v, want %v", extensions, expect)
}
+ // Test Malformed Constraint
+ _, _, _, err = parseConstraints([]byte{1})
+ if err != io.ErrUnexpectedEOF {
+ t.Errorf("got %v, want %v", err, io.ErrUnexpectedEOF)
+ }
+
// Test Unknown Constraint
_, _, _, err = parseConstraints([]byte{128})
if err == nil || !strings.Contains(err.Error(), "unknown constraint") {
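Review bot: The new malformed-constraint case in TestParseConstraints feeds only the single byte `[]byte{1}`, so it pins the shortest truncation and leaves the other short lengths untested. Because the fix concerns a panic on attacker-supplied input, the regression test should also cover a payload that is one byte short and a truncated constraint that follows a complete one. The loop below does that with constructed inputs, assuming constraint type 1 carries a 4-byte value, which this hunk does not show. The exact comparison `err != io.ErrUnexpectedEOF` will start failing if the parser ever wraps the error, so a short comment saying the sentinel is expected unwrapped would help. The test function begins and ends outside the hunk.

```go
// Test Malformed Constraint
// Constructed inputs; assumes constraint type 1 is followed by a 4-byte value.
// The sentinel is expected unwrapped, hence the direct comparison.
for _, in := range [][]byte{{1}, {1, 0, 0, 0}, {1, 0, 0, 0, 0, 1}} {
	if _, _, _, err = parseConstraints(in); err != io.ErrUnexpectedEOF {
		t.Errorf("parseConstraints(%v): got %v, want %v", in, err, io.ErrUnexpectedEOF)
	}
}
// … unchanged: unknown-constraint case …
```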