[Bug 2687] Coverity scan fixes
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sat Mar 4 19:36:30 AEDT 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=2687
--- Comment #31 from Darren Tucker <dtucker at dtucker.net> ---
Comment on attachment 3176
--> https://bugzilla.mindrot.org/attachment.cgi?id=3176
New patch set (openssh-7.8)
>--- a/session.c
>+++ b/session.c
>@@ -1183,6 +1183,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
> }
> *value++ = '\0';
> child_set_env(&env, &envsize, cp, value);
>+ free(cp);
I think you're right, I've sent it upstream.
> sftp.c | 2 ++
> 1 file changed, 2 insertions(+)
>
>diff --git a/sftp.c b/sftp.c
[...]
>+ /* FALLTHROUGH */
These are already done.
>diff --git a/sshd.c b/sshd.c
[...]
>+ algs = list_hostkey_types();
>+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(algs);
>+ free(algs);
This one also needs to be done. Sent upstream.
>diff --git a/channels.c b/channels.c
[...]
>- host_to_connect = xstrdup(fwd->connect_path);
>+ host_to_connect = fwd->connect_path;
> port_to_connect = PORT_STREAMLOCAL;
These have already been done.
>From a3c6626b39bf049ab9ea7e9dc1fa8caea18df4ad Mon Sep 17 00:00:00 2001
>From: Jakub Jelen <jjelen at redhat.com>
>Date: Tue, 28 Aug 2018 15:12:01 +0200
>Subject: [PATCH 10/11] auth-pam: Avoid memory leak of buffer
>
>---
> auth-pam.c | 22 +++++++++++++---------
This was fixed slightly differently in commit
ec0e6243660bf2df30c620a6a0d83eded376c9c6.
That said, now that we don't have to support SSH1 any more, we don't
actually need to accumulate the messages into a single buffer, so we
could just pass them through to keyboard-interactive and probably
simplify this quite a bit).
>diff --git a/auth-options.c b/auth-options.c
>index 32e9bda1..bb4410e7 100644
[...]
>+ free(opt);
This has already been done.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list