[PATCH 1/12] bug fix: openssh-4.3p2 memory leak

Kylene Jo Hall kjhall at us.ibm.com
Tue May 16 06:18:54 EST 2006


The variable cmd is xmalloc'd by buffer_get_string.  It is then used in
some places but never freed.  This patch places the xfree after the last
usage and within the confines of all paths.  This entire set of patches
passed the regression tests on my system.  Memory leak bug found by
Coverity.

Signed-off-by: Kylene Hall <kjhall at us.ibm.com>
---
clientloop.c |    2 ++
1 files changed, 2 insertions(+)

diff -uprN openssh-4.3p2/clientloop.c openssh-4.3p2-kylie/clientloop.c
--- openssh-4.3p2/clientloop.c	2005-12-30 23:22:32.000000000 -0600
+++ openssh-4.3p2-kylie/clientloop.c	2006-05-04 10:36:49.000000000 -0500
@@ -833,6 +833,8 @@ client_process_control(fd_set * readset)
 	debug2("%s: accepted tty %d, subsys %d, cmd %s", __func__,
 	    cctx->want_tty, cctx->want_subsys, cmd);
 
+	xfree(cmd);
+
 	/* Gather fds from client */
 	new_fd[0] = mm_receive_fd(client_fd);
 	new_fd[1] = mm_receive_fd(client_fd);





More information about the openssh-unix-dev mailing list