[openssh-commits] [openssh] 02/03: upstream: Plug leaks while parsing Match blocks. Coverity CID
git+noreply at mindrot.org
git+noreply at mindrot.org
Thu Nov 20 16:33:53 AEDT 2025
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit d68d528fefeca1e331696296ef5db7c4db246f9a
Author: dtucker at openbsd.org <dtucker at openbsd.org>
AuthorDate: Thu Nov 20 05:10:56 2025 +0000
upstream: Plug leaks while parsing Match blocks. Coverity CID
469304, ok djm@
OpenBSD-Commit-ID: f9b79b86879a953ad034e6b92a398265b251bea7
---
servconf.c | 25 +++++++++++++------------
1 file changed, 13 insertions(+), 12 deletions(-)
diff --git a/servconf.c b/servconf.c
index 48ec8c4ec..6d23c3686 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.c,v 1.435 2025/09/25 06:31:42 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.436 2025/11/20 05:10:56 dtucker Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -1048,12 +1048,12 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
}
while ((oattrib = argv_next(acp, avp)) != NULL) {
- attrib = xstrdup(oattrib);
/* Terminate on comment */
- if (*attrib == '#') {
+ if (*oattrib == '#') {
argv_consume(acp); /* mark all arguments consumed */
break;
}
+ attrib = xstrdup(oattrib);
arg = NULL;
attributes++;
/* Criterion "all" has no argument and must appear alone */
@@ -1075,13 +1075,13 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
if (strcasecmp(attrib, "invalid-user") == 0) {
if (ci == NULL) {
result = 0;
- continue;
+ goto next;
}
if (ci->user_invalid == 0)
result = 0;
else
debug("matched invalid-user at line %d", line);
- continue;
+ goto next;
}
/* Keep this list in sync with below */
@@ -1108,7 +1108,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
if (strcasecmp(attrib, "user") == 0) {
if (ci == NULL || (ci->test && ci->user == NULL)) {
result = 0;
- continue;
+ goto next;
}
if (ci->user == NULL)
match_test_missing_fatal("User", "user");
@@ -1120,7 +1120,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
} else if (strcasecmp(attrib, "group") == 0) {
if (ci == NULL || (ci->test && ci->user == NULL)) {
result = 0;
- continue;
+ goto next;
}
if (ci->user == NULL)
match_test_missing_fatal("Group", "user");
@@ -1134,7 +1134,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
} else if (strcasecmp(attrib, "host") == 0) {
if (ci == NULL || (ci->test && ci->host == NULL)) {
result = 0;
- continue;
+ goto next;
}
if (ci->host == NULL)
match_test_missing_fatal("Host", "host");
@@ -1149,7 +1149,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
fatal("Invalid Match address argument "
"'%s' at line %d", arg, line);
result = 0;
- continue;
+ goto next;
}
if (ci->address == NULL)
match_test_missing_fatal("Address", "addr");
@@ -1173,7 +1173,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
"argument '%s' at line %d", arg,
line);
result = 0;
- continue;
+ goto next;
}
if (ci->laddress == NULL)
match_test_missing_fatal("LocalAddress",
@@ -1201,7 +1201,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
}
if (ci == NULL || (ci->test && ci->lport == -1)) {
result = 0;
- continue;
+ goto next;
}
if (ci->lport == 0)
match_test_missing_fatal("LocalPort", "lport");
@@ -1215,7 +1215,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
} else if (strcasecmp(attrib, "rdomain") == 0) {
if (ci == NULL || (ci->test && ci->rdomain == NULL)) {
result = 0;
- continue;
+ goto next;
}
if (ci->rdomain == NULL)
match_test_missing_fatal("RDomain", "rdomain");
@@ -1237,6 +1237,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
result = -1;
goto out;
}
+ next:
free(attrib);
attrib = NULL;
}
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list