?? memory leak in 3des1

pruiksma at freesurf.fr pruiksma at freesurf.fr
Tue Dec 23 22:13:59 EST 2003


> looks ok to me.
>
> but i don't see how this gets triggered, since
> 3des1.c is not used during rekeying...
>
True.  I'm under vxWorks, so the packet_close() at end of session that calls
this loses memory.  Not an issue under any more advanced OS.

Thanks,

:laird

> On Mon, Dec 22, 2003 at 09:06:15PM +0100, pruiksma at freesurf.fr wrote:
>> Hello,
>>
>> quoted patch free's cipher_data malloc'd in calls to EVP_CipherInit()
>> in ssh1_3des_init(), at least linked with openssl >= 0.9.7.  It does
>> not appear to me (superficial scan) that there is any harm in calling
>> the _cleanup routine with earlier openssl.
>>
>> fwiw
>>
>> :laird
>>
>>
>> --- openssh-3.7.1p2/cipher-3des1.c      Tue Sep 23 05:24:21 2003 +++
>> src37m/cipher-3des1.c       Mon Dec 15 08:26:30 2003
>> @@ -126,6 +126,11 @@
>>         struct ssh1_3des_ctx *c;
>>
>>         if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
>> +#ifndef SSH_OLD_EVP
>> +               EVP_CIPHER_CTX_cleanup(&c->k1);
>> +               EVP_CIPHER_CTX_cleanup(&c->k2);
>> +               EVP_CIPHER_CTX_cleanup(&c->k3);
>> +#endif
>>                 memset(c, 0, sizeof(*c));
>>                 xfree(c);
>>                 EVP_CIPHER_CTX_set_app_data(ctx, NULL);
>>
>>
>>
>>
>>
>> OK, my reading of the code may be faulty, but is it that much worse
>> than all the sex-aid messages that make it onto the list?
>>
>> <openssh-unix-dev at mindrot.org>:
>> 203.217.30.81 does not like recipient.
>> Remote host said: 450 Client host rejected: cannot find your hostname,
>> [206.152.191.132]
>> Giving up on 203.217.30.81.
>> I'm not going to try again; this message has been in the queue too
>> long.
>>
>>
>>
>>
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev at mindrot.org
>> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev






More information about the openssh-unix-dev mailing list