freebsd-ports/security/ssh/files/patch-ax

--- rsaglue.c.orig	Tue Nov  9 11:12:32 1999
+++ rsaglue.c	Tue Nov  9 11:17:58 1999
@@ -139,6 +139,10 @@

   input_bits = mpz_sizeinbase(input, 2);
   input_len = (input_bits + 7) / 8;
+  if(input_bits > MAX_RSA_MODULUS_BITS)
+    fatal("Attempted to encrypt a block too large (%d bits, %d max) (malicious?).",
+    	input_bits, MAX_RSA_MODULUS_BITS);
+
   gmp_to_rsaref(input_data, input_len, input);

   rsaref_public_key(&public_key, key);
@@ -172,6 +176,10 @@

   input_bits = mpz_sizeinbase(input, 2);
   input_len = (input_bits + 7) / 8;
+  if(input_bits > MAX_RSA_MODULUS_BITS)
+    fatal("Received session key too long (%d bits, %d max) (malicious?).",
+    	input_bits, MAX_RSA_MODULUS_BITS);
+
   gmp_to_rsaref(input_data, input_len, input);

   rsaref_private_key(&private_key, key);