[openssh-commits] [openssh] 01/01: upstream: backout 1.293 fix kex mem-leak in ssh_packet_close at markus
git+noreply at mindrot.org
git+noreply at mindrot.org
Sat Jun 27 20:23:33 AEST 2020
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 14beca57ac92d62830c42444c26ba861812dc837
Author: semarie at openbsd.org <semarie at openbsd.org>
Date: Fri Jun 26 11:26:01 2020 +0000
upstream: backout 1.293 fix kex mem-leak in ssh_packet_close at markus
request
the change introduced a NULL deref in sshpkt_vfatal() (uses of ssh->kex after
calling ssh_packet_clear_keys())
OpenBSD-Commit-ID: 9c9a6721411461b0b1c28dc00930d7251a798484
---
packet.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/packet.c b/packet.c
index 4780356f..9ffd9f59 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.293 2020/06/24 15:12:09 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.294 2020/06/26 11:26:01 semarie Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -616,8 +616,6 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close)
state->newkeys[mode] = NULL;
ssh_clear_newkeys(ssh, mode); /* next keys */
}
- kex_free(ssh->kex);
- ssh->kex = NULL;
#ifdef WITH_ZLIB
/* compression state is in shared mem, so we can only release it once */
if (do_close && state->compression_buffer) {
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list