[openssh-commits] [openssh] 02/02: memleak of buffer in sshpam_query

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Sep 13 13:16:51 AEST 2019


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit ec0e6243660bf2df30c620a6a0d83eded376c9c6
Author: Damien Miller <djm at mindrot.org>
Date:   Fri Sep 13 13:14:39 2019 +1000

    memleak of buffer in sshpam_query
    
    coverity report via Ed Maste; ok dtucker@
---
 auth-pam.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/auth-pam.c b/auth-pam.c
index 55253e6a..d3f400bc 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -851,6 +851,7 @@ sshpam_query(void *ctx, char **name, char **info,
 			plen += mlen;
 			**echo_on = (type == PAM_PROMPT_ECHO_ON);
 			free(msg);
+			sshbuf_free(buffer);
 			return (0);
 		case PAM_ERROR_MSG:
 		case PAM_TEXT_INFO:
@@ -879,6 +880,7 @@ sshpam_query(void *ctx, char **name, char **info,
 				**echo_on = 0;
 				ctxt->pam_done = -1;
 				free(msg);
+				sshbuf_free(buffer);
 				return 0;
 			}
 			/* FALLTHROUGH */
@@ -905,6 +907,7 @@ sshpam_query(void *ctx, char **name, char **info,
 				**echo_on = 0;
 				ctxt->pam_done = 1;
 				free(msg);
+				sshbuf_free(buffer);
 				return (0);
 			}
 			error("PAM: %s for %s%.100s from %.100s", msg,
@@ -916,9 +919,11 @@ sshpam_query(void *ctx, char **name, char **info,
 			**echo_on = 0;
 			free(msg);
 			ctxt->pam_done = -1;
+			sshbuf_free(buffer);
 			return (-1);
 		}
 	}
+	sshbuf_free(buffer);
 	return (-1);
 }
 

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list