?? memory leak in 3des1
Markus Friedl
markus at openbsd.org
Tue Dec 23 07:29:14 EST 2003
looks ok to me.
but i don't see how this gets triggered, since
3des1.c is not used during rekeying...
On Mon, Dec 22, 2003 at 09:06:15PM +0100, pruiksma at freesurf.fr wrote:
> Hello,
>
> quoted patch free's cipher_data malloc'd in calls to EVP_CipherInit() in
> ssh1_3des_init(), at least linked with openssl >= 0.9.7. It does not
> appear to me (superficial scan) that there is any harm in calling the
> _cleanup routine with earlier openssl.
>
> fwiw
>
> :laird
>
>
> --- openssh-3.7.1p2/cipher-3des1.c Tue Sep 23 05:24:21 2003
> +++ src37m/cipher-3des1.c Mon Dec 15 08:26:30 2003
> @@ -126,6 +126,11 @@
> struct ssh1_3des_ctx *c;
>
> if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
> +#ifndef SSH_OLD_EVP
> + EVP_CIPHER_CTX_cleanup(&c->k1);
> + EVP_CIPHER_CTX_cleanup(&c->k2);
> + EVP_CIPHER_CTX_cleanup(&c->k3);
> +#endif
> memset(c, 0, sizeof(*c));
> xfree(c);
> EVP_CIPHER_CTX_set_app_data(ctx, NULL);
>
>
>
>
>
> OK, my reading of the code may be faulty, but is it that much worse than all
> the sex-aid messages that make it onto the list?
>
> <openssh-unix-dev at mindrot.org>:
> 203.217.30.81 does not like recipient.
> Remote host said: 450 Client host rejected: cannot find your hostname,
> [206.152.191.132]
> Giving up on 203.217.30.81.
> I'm not going to try again; this message has been in the queue too long.
>
>
>
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list