From cc04154d65fb9296747569b107cfd05380b1ea3e Mon Sep 17 00:00:00 2001
From: Michael Gehring
Date: Tue, 23 Jun 2015 17:05:18 +0200
Subject: [PATCH] x/crypto/ssh: fix bounds check in parseString

Fixes #11348

Change-Id: If083744343256a2a53eb813411ba0c9a359d6dbd
Reviewed-on: https://go-review.googlesource.com/11332
Reviewed-by: Adam Langley
---
 ssh/messages.go | 7 ++++---
 ssh/messages_test.go | 10 ++++++++++
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/ssh/messages.go b/ssh/messages.go
index f9e44bb1eb1eec..eaf6106698e762 100644
--- a/ssh/messages.go
+++ b/ssh/messages.go
@@ -484,11 +484,12 @@ func parseString(in []byte) (out, rest []byte, ok bool) {
 return
 }
 length := binary.BigEndian.Uint32(in)
- if uint32(len(in)) < 4+length {
+ in = in[4:]
+ if uint32(len(in)) < length {
 return
 }
- out = in[4 : 4+length]
- rest = in[4+length:]
+ out = in[:length]
+ rest = in[length:]
 ok = true
 return
 }
diff --git a/ssh/messages_test.go b/ssh/messages_test.go
index 21d52daf264a85..955b5127f9bf4a 100644
--- a/ssh/messages_test.go
+++ b/ssh/messages_test.go
@@ -162,6 +162,16 @@ func TestBareMarshal(t *testing.T) {
 }
 }
 
+func TestUnmarshalShortKexInitPacket(t *testing.T) {
+ // This used to panic.
+ // Issue 11348
+ packet := []byte{0x14, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0xff, 0xff, 0xff, 0xff}
+ kim := &kexInitMsg{}
+ if err := Unmarshal(packet, kim); err == nil {
+ t.Error("truncated packet unmarshaled without error")
+ }
+}
+
 func randomBytes(out []byte, rand *rand.Rand) {
 for i := 0; i < len(out); i++ {
 out[i] = byte(rand.Int31())
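Review bot: The reordered bounds check in parseString has no comment saying why `in` is advanced before the comparison, so a later cleanup could fold it back into `4+length`, which wraps in uint32 when the peer-supplied length field is close to 0xffffffff. I would add above `in = in[4:]` a comment such as `// Drop the length prefix first: 4+length can wrap in uint32 and slip past the bounds check.` The comparison also still narrows `len(in)` to uint32; `if uint64(len(in)) < uint64(length) {` avoids a truncated length on 64-bit platforms, although SSH packet size limits probably keep that from mattering in practice. The opening lines of parseString are outside the hunk.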
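Review bot: The regression test in ssh/messages_test.go pins only one length value, 0xffffffff, and reaches parseString only through Unmarshal of kexInitMsg, so the edges of the new check are not covered directly. A direct case such as `if _, _, ok := parseString([]byte{0xff, 0xff, 0xff, 0xfc}); ok { t.Error("oversized length accepted") }` covers the smallest length that wrapped the old `4+length` sum. A positive case where the length equals the remaining bytes would guard against an off-by-one. The packet literal would also be easier to maintain with a layout comment, for example `// KEXINIT type byte, 16-byte cookie, then a string length of 0xffffffff with no payload` (layout inferred from the bytes; confirm against kexInitMsg).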