From 4699635086825ec4f615bd9dda67cd60ab33c34b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Janiszewski?= <janisozaur@gmail.com>
Date: Fri, 27 May 2016 22:34:13 +0200
Subject: [PATCH] Don't allow null keys

---
 src/network/NetworkKey.cpp |  2 ++
 src/network/network.cpp    | 27 ++++++++++++++++-----------
 2 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/src/network/NetworkKey.cpp b/src/network/NetworkKey.cpp
index 76eba1c517..8bd8dd1c00 100644
--- a/src/network/NetworkKey.cpp
+++ b/src/network/NetworkKey.cpp
@@ -92,6 +92,7 @@ bool NetworkKey::Generate()
 
 bool NetworkKey::LoadPrivate(SDL_RWops * file)
 {
+    assert(file != nullptr);
     size_t size = (size_t)file->size(file);
     if (size == (size_t)-1)
     {
@@ -135,6 +136,7 @@ bool NetworkKey::LoadPrivate(SDL_RWops * file)
 
 bool NetworkKey::LoadPublic(SDL_RWops * file)
 {
+    assert(file != nullptr);
     size_t size = (size_t)file->size(file);
     if (size == (size_t)-1)
     {
diff --git a/src/network/network.cpp b/src/network/network.cpp
index 7078174476..584dfaa4fb 100644
--- a/src/network/network.cpp
+++ b/src/network/network.cpp
@@ -2008,19 +2008,24 @@ void Network::Server_Handle_AUTH(NetworkConnection& connection, NetworkPacket& p
 		} else {
 			const char *signature = (const char *)packet.Read(sigsize);
 			SDL_RWops *pubkey_rw = SDL_RWFromConstMem(pubkey, strlen(pubkey));
-			connection.key.LoadPublic(pubkey_rw);
-			SDL_RWclose(pubkey_rw);
-			bool verified = connection.key.Verify(connection.challenge.data(), connection.challenge.size(), signature, sigsize);
-			const std::string hash = connection.key.PublicKeyHash();
-			if (verified) {
-				connection.authstatus = NETWORK_AUTH_VERIFIED;
-				log_verbose("Signature verification ok. Hash %s", hash.c_str());
-			} else {
+			if (pubkey_rw == nullptr) {
 				connection.authstatus = NETWORK_AUTH_VERIFICATIONFAILURE;
 				log_verbose("Signature verification failed!");
-			}
-			if (gConfigNetwork.known_keys_only && _userManager.GetUserByHash(hash) == nullptr) {
-				connection.authstatus = NETWORK_AUTH_UNKNOWN_KEY_DISALLOWED;
+			} else {
+				connection.key.LoadPublic(pubkey_rw);
+				SDL_RWclose(pubkey_rw);
+				bool verified = connection.key.Verify(connection.challenge.data(), connection.challenge.size(), signature, sigsize);
+				const std::string hash = connection.key.PublicKeyHash();
+				if (verified) {
+					connection.authstatus = NETWORK_AUTH_VERIFIED;
+					log_verbose("Signature verification ok. Hash %s", hash.c_str());
+				} else {
+					connection.authstatus = NETWORK_AUTH_VERIFICATIONFAILURE;
+					log_verbose("Signature verification failed!");
+				}
+				if (gConfigNetwork.known_keys_only && _userManager.GetUserByHash(hash) == nullptr) {
+					connection.authstatus = NETWORK_AUTH_UNKNOWN_KEY_DISALLOWED;
+				}
 			}
 		}