[openssh-commits] [openssh] 02/02: upstream: Plug leak on error path, spotted by Coverity. ok djm@

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 1a8ce460f1d0c3f7304edba0733783b57b430e21
Author: dtucker at openbsd.org <dtucker at openbsd.org>
AuthorDate: Thu Dec 12 09:09:09 2024 +0000

    upstream: Plug leak on error path, spotted by Coverity. ok djm@
    
    OpenBSD-Commit-ID: b1859959374b4709569760cae0866d22a16606d3
---
 auth2-pubkey.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index c1fef904..aa24fda0 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.121 2024/12/06 16:24:27 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.122 2024/12/12 09:09:09 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -790,7 +790,7 @@ user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
     int auth_attempt, struct sshauthopt **authoptsp)
 {
 	u_int success = 0, i, j;
-	char *file, *conn_id;
+	char *file = NULL, *conn_id;
 	struct sshauthopt *opts = NULL;
 	const char *rdomain, *remote_ip, *remote_host;
 
@@ -826,6 +826,8 @@ user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
 			if (r != GLOB_NOMATCH) {
 				logit_f("glob \"%s\" failed", file);
 			}
+			free(file);
+			file = NULL;
 			continue;
 		} else if (gl.gl_pathc > INT_MAX) {
 			fatal_f("too many glob results for \"%s\"", file);
@@ -842,6 +844,7 @@ user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
 			}
 		}
 		free(file);
+		file = NULL;
 		globfree(&gl);
 	}
 	if (success)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.