[PATCH] fix memory leak in client_global_hostkeys_prove_confirm
Boris Tonofa
boris.afonot at gmail.com
Sat Jun 14 05:44:39 AEST 2025
Hi,
This patch fixes a memory leak in client_global_hostkeys_prove_confirm().
The buffer 'signdata', allocated with sshbuf_new(), was not freed on any
exit path in this function. This patch ensures that the buffer is
properly released before returning.
The patch applies cleanly to current master and passes all CI tests.
GitHub mirror PR (with CI results):
https://github.com/openssh/openssh-portable/pull/574
Please review.
Thanks,
Boris
From 41ba11508d4486be441c85f853564335ff413971 Mon Sep 17 00:00:00 2001
From: Boris Tonofa <b.tonofa at ideco.ru>
Date: Thu, 12 Jun 2025 23:44:01 +0300
Subject: [PATCH] fix memory leak in client_global_hostkeys_prove_confirm
---
clientloop.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/clientloop.c b/clientloop.c
index 916fc077b..7293ecb8f 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -2420,6 +2420,7 @@ client_global_hostkeys_prove_confirm(struct ssh
*ssh, int type,
/* Make the edits to known_hosts */
update_known_hosts(ctx);
out:
+ sshbuf_free(signdata);
hostkeys_update_ctx_free(ctx);
hostkeys_update_complete = 1;
client_repledge();
--
2.47.0
More information about the openssh-unix-dev
mailing list