===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshsig.c,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- src/usr.bin/ssh/sshsig.c	2022/02/01 23:34:47	1.28
+++ src/usr.bin/ssh/sshsig.c	2022/03/30 04:27:51	1.29
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshsig.c,v 1.28 2022/02/01 23:34:47 djm Exp $ */
+/* $OpenBSD: sshsig.c,v 1.29 2022/03/30 04:27:51 djm Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -737,7 +737,7 @@
 		return SSH_ERR_KEY_NOT_FOUND; /* blank or all-comment line */
 
 	/* format: identity[,identity...] [option[,option...]] key */
-	if ((tmp = strdelimw(&cp)) == NULL) {
+	if ((tmp = strdelimw(&cp)) == NULL || cp == NULL) {
 		error("%s:%lu: invalid line", path, linenum);
 		r = SSH_ERR_INVALID_FORMAT;
 		goto out;
@@ -772,6 +772,11 @@
 		opts = cp;
 		if (sshkey_advance_past_options(&cp) != 0) {
 			error("%s:%lu: invalid options", path, linenum);
+			r = SSH_ERR_INVALID_FORMAT;
+			goto out;
+		}
+		if (cp == NULL || *cp == '\0') {
+			error("%s:%lu: missing key", path, linenum);
 			r = SSH_ERR_INVALID_FORMAT;
 			goto out;
 		}