===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/Attic/schnorr.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- src/usr.bin/ssh/Attic/schnorr.c	2009/03/05 07:18:19	1.3
+++ src/usr.bin/ssh/Attic/schnorr.c	2010/09/20 04:50:53	1.4
@@ -1,4 +1,4 @@
-/* $OpenBSD: schnorr.c,v 1.3 2009/03/05 07:18:19 djm Exp $ */
+/* $OpenBSD: schnorr.c,v 1.4 2010/09/20 04:50:53 djm Exp $ */
 /*
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
  *
@@ -134,6 +134,10 @@
 		error("%s: g_x < 1", __func__);
 		return -1;
 	}
+	if (BN_cmp(g_x, grp_p) >= 0) {
+		error("%s: g_x > g", __func__);
+		return -1;
+	}
 
 	h = g_v = r = tmp = v = NULL;
 	if ((bn_ctx = BN_CTX_new()) == NULL) {
@@ -258,6 +262,10 @@
 	/* Avoid degenerate cases: g^0 yields a spoofable signature */
 	if (BN_cmp(g_x, BN_value_one()) <= 0) {
 		error("%s: g_x < 1", __func__);
+		return -1;
+	}
+	if (BN_cmp(g_x, grp_p) >= 0) {
+		error("%s: g_x >= p", __func__);
 		return -1;
 	}