$NetBSD: patch-CVE-2013-4852-1,v 1.2.2.2 2013/08/21 21:59:57 tron Exp $

see http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896

--- src/putty/sshdss.c.orig	2007-11-23 11:34:00.000000000 +0000
+++ src/putty/sshdss.c
@@ -43,6 +43,8 @@ static void getstring(char **data, int *
     if (*datalen < 4)
 	return;
     *length = GET_32BIT(*data);
+    if (*length < 0)
+	return;
     *datalen -= 4;
     *data += 4;
     if (*datalen < *length)
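Review bot: The new early return at `if (*length < 0)` leaves the negative value already stored through `length`, so the only failure signal a caller can rely on is the string pointer, and nothing at the check says so. The length field comes straight from the key blob, and the test depends on a 32-bit value with the top bit set becoming negative when assigned to the `int` (presumably GET_32BIT yields an unsigned value; its definition is not visible here). I would add a comment above the check such as `/* length is read from untrusted input; values >= 0x80000000 turn negative here. Callers must test *p, never *length alone. */`. getstring starts and ends outside the hunk, so whether `*p` is cleared before these returns cannot be confirmed from the visible lines.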
@@ -98,7 +100,7 @@ static void *dss_newkey(char *data, int 
     }
 #endif
 
-    if (!p || memcmp(p, "ssh-dss", 7)) {
+    if (!p || slen != 7 || memcmp(p, "ssh-dss", 7)) {
 	sfree(dss);
 	return NULL;
     }
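Review bot: The condition now hard-codes 7 twice, once in `slen != 7` and once in the memcmp, and both have to be kept in step with the "ssh-dss" literal by hand. Tying them to the literal, for example `slen != (int)(sizeof("ssh-dss") - 1)` with the same expression as the memcmp length, removes that coupling. The operand order also matters: `!p` has to stay first because `slen` is only meaningful when getstring produced a pointer, so a one-line comment such as `/* check p before slen: slen is untrusted when p is NULL */` would guard against a later reorder. dss_newkey begins and ends outside the hunk.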
