[Bug 2687] Coverity scan fixes

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Mar 10 14:30:58 AEDT 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2687

--- Comment #5 from Darren Tucker <dtucker at zip.com.au> ---
Comment on attachment 2953
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2953
proposed coverity patch

>+++ b/sshconnect2.c
>@@ -1061,6 +1061,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
> 
> 	if (key_to_blob(id->key, &blob, &bloblen) == 0) {
> 		/* we cannot handle this key */
>+		free(blob);
> 		debug3("sign_and_send_pubkey: cannot handle key");
> 		return 0;
> 	}
>@@ -1170,6 +1171,7 @@ send_pubkey_test(Authctxt *authctxt, Identity *id)
> 
> 	if (key_to_blob(id->key, &blob, &bloblen) == 0) {
> 		/* we cannot handle this key */
>+		free(blob);
> 		debug3("send_pubkey_test: cannot handle key");
> 		return 0;
> 	}

Damien points out that key_to_blob does not allocate in the failure
case and sets blob to NULL so these are not necessary.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list