From 1b5aa2c09c2d18aa3c0df74451e5922723bf5d56 Mon Sep 17 00:00:00 2001
From: Mikkel Oscar Lyderik <m@moscar.net>
Date: Fri, 21 Oct 2016 22:00:19 +0200
Subject: [PATCH] ssh pubkey parsing: prevent segfault

Fixes an issue where the apiserver would segfault when parsing an ssh
public key that isn't PEM encoded.
---
 pkg/ssh/ssh.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/pkg/ssh/ssh.go b/pkg/ssh/ssh.go
index 5b0db13f875..f90afe263ce 100644
--- a/pkg/ssh/ssh.go
+++ b/pkg/ssh/ssh.go
@@ -277,6 +277,9 @@ func ParsePublicKeyFromFile(keyFile string) (*rsa.PublicKey, error) {
 		return nil, fmt.Errorf("error reading SSH key %s: '%v'", keyFile, err)
 	}
 	keyBlock, _ := pem.Decode(buffer)
+	if keyBlock == nil {
+		return nil, fmt.Errorf("error parsing SSH key %s: 'invalid PEM format'", keyFile)
+	}
 	key, err := x509.ParsePKIXPublicKey(keyBlock.Bytes)
 	if err != nil {
 		return nil, fmt.Errorf("error parsing SSH key %s: '%v'", keyFile, err)