[openssh-commits] [openssh] 15/15: upstream: fix memleak of signature; from Pedro Martelletto
git+noreply at mindrot.org
git+noreply at mindrot.org
Wed May 27 21:55:14 AEST 2020
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 4be563994c0cbe9856e7dd3078909f41beae4a9c
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue May 26 01:59:46 2020 +0000
upstream: fix memleak of signature; from Pedro Martelletto
OpenBSD-Commit-ID: d0a6eb07e77c001427d738b220dd024ddc64b2bb
---
ssh-sk-helper.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/ssh-sk-helper.c b/ssh-sk-helper.c
index 2f93ad71..8f92f4e2 100644
--- a/ssh-sk-helper.c
+++ b/ssh-sk-helper.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-sk-helper.c,v 1.9 2020/01/25 23:13:09 djm Exp $ */
+/* $OpenBSD: ssh-sk-helper.c,v 1.10 2020/05/26 01:59:46 djm Exp $ */
/*
* Copyright (c) 2019 Google LLC
*
@@ -93,12 +93,12 @@ process_sign(struct sshbuf *req)
{
int r = SSH_ERR_INTERNAL_ERROR;
struct sshbuf *resp, *kbuf;
- struct sshkey *key;
+ struct sshkey *key = NULL;
uint32_t compat;
const u_char *message;
- u_char *sig;
- size_t msglen, siglen;
- char *provider, *pin;
+ u_char *sig = NULL;
+ size_t msglen, siglen = 0;
+ char *provider = NULL, *pin = NULL;
if ((r = sshbuf_froms(req, &kbuf)) != 0 ||
(r = sshbuf_get_cstring(req, &provider, NULL)) != 0 ||
@@ -134,8 +134,11 @@ process_sign(struct sshbuf *req)
(r = sshbuf_put_string(resp, sig, siglen)) != 0)
fatal("%s: buffer error: %s", __progname, ssh_err(r));
out:
+ sshkey_free(key);
sshbuf_free(kbuf);
free(provider);
+ if (sig != NULL)
+ freezero(sig, siglen);
if (pin != NULL)
freezero(pin, strlen(pin));
return resp;
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list