[Bug 2942] New: minor memory leak in ssh_set_newkeys()

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Dec 7 21:19:40 AEDT 2018


            Bug ID: 2942
           Summary: minor memory leak in ssh_set_newkeys()
           Product: Portable OpenSSH
           Version: 7.9p1
          Hardware: All
                OS: Mac OS X
            Status: NEW
          Severity: trivial
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: markus at blueflash.cc

During initialization a memory leak occurs in 

During startup ssh_set_newkeys() is called twice, once with MODE_OUT
and once with MODE_IN.

Accordingly the ccp pointer points to state->send_context and

At this time state->newkeys[mode] is still NULL, so the if-clause
("rekeying") does not apply.

Further down cipher_init(ccp, ) is called.

First thing that cipher_init() does is setting *ccp= NULL; which is
equivalent to "state->send_context= NULL" (or "state->send_context=

These point to memory blocks already.
The pointers are lost, the memory leaks. 

Proposal: move 

                *ccp = NULL;

from the "rekeying" if-clause and place these two lines before calling

Alternately add 

          if (*ccp!=NULL) {
                *ccp = NULL;

before calling cipher_init().
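
The pattern the report describes, reduced to a stand-alone C program (an added example, not part of the bug report and not OpenSSH code): an init routine that clears the caller's pointer is called on a slot that already holds an allocation. `struct ctx`, `ctx_init`, `ctx_free`, `set_keys`, `leaked_after` and the `live_ctx` counter are hypothetical names, and the release inside the rekeying branch is an assumption about the caller's shape.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for illustration; not OpenSSH's types or functions. */
struct ctx { int keyed; };
static int live_ctx;                 /* contexts allocated and not yet freed */

static void ctx_free(struct ctx *c)
{
    if (c != NULL)
        live_ctx--;
    free(c);
}

/* Like the init routine in the report: clears *ccp before allocating. */
static int ctx_init(struct ctx **ccp)
{
    *ccp = NULL;                     /* a pointer the caller left here is lost */
    if ((*ccp = calloc(1, sizeof(**ccp))) == NULL)
        return -1;
    live_ctx++;
    return 0;
}

/* fixed == 0: release only when rekeying (assumed caller shape); 1: always. */
static int set_keys(struct ctx **ccp, int rekeying, int fixed)
{
    if (rekeying || fixed) {
        ctx_free(*ccp);
        *ccp = NULL;
    }
    return ctx_init(ccp);
}

/* Contexts still allocated after startup, one key install and teardown. */
static int leaked_after(int fixed)
{
    struct ctx *slot = NULL;
    live_ctx = 0;
    if (ctx_init(&slot) != 0 || set_keys(&slot, 0, fixed) != 0)
        return -1;
    ctx_free(slot);
    return live_ctx;
}

int main(void)
{
    printf("leaky=%d fixed=%d\n", leaked_after(0), leaked_after(1));
    return 0;
}
```

With the release tied to the rekeying flag, one context is still allocated after teardown; with the release done before every init call, none is.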
