From 07671917e476ad5ae8f5098630ef1cd531ff401a Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 24 Nov 2021 10:32:57 +0900
Subject: [PATCH] gpg: Fix key conversion for SSH.

* g10/export.c (key_to_sshblob): Use put_membuf with length counted
beforehand, and use memcmp instead of strncmp.

--

GnuPG-bug-id: 5393
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 g10/export.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/g10/export.c b/g10/export.c
index 98c4623cf..c7cfcfaa4 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -2133,14 +2133,15 @@ key_to_sshblob (membuf_t *mb, const char *identifier, ...)
   size_t buflen;
   gcry_mpi_t a;
 
-  ulongtobuf (nbuf, (ulong)strlen (identifier));
+  buflen = strlen (identifier);
+  ulongtobuf (nbuf, (ulong)buflen);
   put_membuf (mb, nbuf, 4);
-  put_membuf_str (mb, identifier);
-  if (!strncmp (identifier, "ecdsa-sha2-", 11))
+  put_membuf (mb, identifier, buflen);
+  if (buflen > 11 && !memcmp (identifier, "ecdsa-sha2-", 11))
     {
-      ulongtobuf (nbuf, (ulong)strlen (identifier+11));
+      ulongtobuf (nbuf, (ulong)(buflen - 11));
       put_membuf (mb, nbuf, 4);
-      put_membuf_str (mb, identifier+11);
+      put_membuf (mb, identifier+11, buflen - 11);
     }
   va_start (arg_ptr, identifier);
   while ((a = va_arg (arg_ptr, gcry_mpi_t)))