?? memory leak in 3des1

pruiksma at freesurf.fr pruiksma at freesurf.fr
Tue Dec 23 07:06:15 EST 2003


Quoted patch frees cipher_data malloc'd in calls to EVP_CipherInit() in
ssh1_3des_init(), at least linked with openssl >= 0.9.7.  It does not
appear to me (superficial scan) that there is any harm in calling the
_cleanup routine with earlier openssl.



--- openssh-3.7.1p2/cipher-3des1.c      Tue Sep 23 05:24:21 2003
+++ src37m/cipher-3des1.c       Mon Dec 15 08:26:30 2003
@@ -126,6 +126,11 @@
        struct ssh1_3des_ctx *c;

        if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
+#ifndef SSH_OLD_EVP
+               EVP_CIPHER_CTX_cleanup(&c->k1);
+               EVP_CIPHER_CTX_cleanup(&c->k2);
+               EVP_CIPHER_CTX_cleanup(&c->k3);
                memset(c, 0, sizeof(*c));
                EVP_CIPHER_CTX_set_app_data(ctx, NULL);
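
Review bot: The #ifndef SSH_OLD_EVP opened just inside the if block has no matching #endif in the lines shown, and the hunk header (6 old lines, 11 new) calls for five added lines where only four appear. The #endif should sit directly after EVP_CIPHER_CTX_cleanup(&c->k3); so that memset(c, 0, sizeof(*c)); and EVP_CIPHER_CTX_set_app_data(ctx, NULL); are still compiled when SSH_OLD_EVP is defined. A short comment saying that the three cleanup calls release the cipher_data allocated by EVP_CipherInit() in ssh1_3des_init() would make the reason for the guard clear to later readers.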

OK, my reading of the code may be faulty, but is it that much worse than all
the sex-aid messages that make it onto the list?

<openssh-unix-dev at mindrot.org>: does not like recipient.
Remote host said: 450 Client host rejected: cannot find your hostname,
Giving up on
I'm not going to try again; this message has been in the queue too long.
