shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-11 18:50:28 +09:00
Code Issues Packages Projects Releases Wiki Activity

config: fix memory leak with repeated opcodes

Browse Source 
Fix a memory leak in the path where parsing returns early due
to seeing a repeated opcode.  A testcase is added which
demonstrates the leak and fix with valgrind.

Resolves CID 1374267.

Signed-off-by: Jon Simons <jon@jonsimons.org>
This commit is contained in:
Jon Simons
2017-09-09 20:11:47 -07:00
committed by Andreas Schneider
parent 94fa1e382f
commit 1c9eb4dfb9
2 changed files with 21 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/config.c
View File

@@ -251,6 +251,7 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
opcode = ssh_config_get_opcode(keyword); opcode = ssh_config_get_opcode(keyword);
if (*parsing == 1 && opcode != SOC_HOST && opcode != SOC_UNSUPPORTED && opcode != SOC_INCLUDE) { if (*parsing == 1 && opcode != SOC_HOST && opcode != SOC_UNSUPPORTED && opcode != SOC_INCLUDE) {
if (seen[opcode] != 0) { if (seen[opcode] != 0) {
SAFE_FREE(x);
return 0; return 0;
} }
seen[opcode] = 1; seen[opcode] = 1;

21
tests/unittests/torture_config.c
View File

@@ -6,6 +6,7 @@
#define LIBSSH_TESTCONFIG1 "libssh_testconfig1.tmp" #define LIBSSH_TESTCONFIG1 "libssh_testconfig1.tmp"
#define LIBSSH_TESTCONFIG2 "libssh_testconfig2.tmp" #define LIBSSH_TESTCONFIG2 "libssh_testconfig2.tmp"
#define LIBSSH_TESTCONFIG3 "libssh_testconfig3.tmp" #define LIBSSH_TESTCONFIG3 "libssh_testconfig3.tmp"
#define LIBSSH_TESTCONFIG4 "libssh_testconfig4.tmp"
#define USERNAME "testuser" #define USERNAME "testuser"
#define PROXYCMD "ssh -q -W %h:%p gateway.example.com" #define PROXYCMD "ssh -q -W %h:%p gateway.example.com"
@@ -18,6 +19,7 @@ static int setup_config_files(void **state)
unlink(LIBSSH_TESTCONFIG1); unlink(LIBSSH_TESTCONFIG1);
unlink(LIBSSH_TESTCONFIG2); unlink(LIBSSH_TESTCONFIG2);
unlink(LIBSSH_TESTCONFIG3); unlink(LIBSSH_TESTCONFIG3);
unlink(LIBSSH_TESTCONFIG4);
torture_write_file(LIBSSH_TESTCONFIG1, torture_write_file(LIBSSH_TESTCONFIG1,
"User "USERNAME"\nInclude "LIBSSH_TESTCONFIG2"\n\n"); "User "USERNAME"\nInclude "LIBSSH_TESTCONFIG2"\n\n");
@@ -27,6 +29,10 @@ static int setup_config_files(void **state)
torture_write_file(LIBSSH_TESTCONFIG3, torture_write_file(LIBSSH_TESTCONFIG3,
"\n\nIdentityFile "ID_FILE"\n"); "\n\nIdentityFile "ID_FILE"\n");
/* Multiple Port settings -> parsing returns early. */
torture_write_file(LIBSSH_TESTCONFIG4,
"Port 123\nPort 456\n");
session = ssh_new(); session = ssh_new();
*state = session; *state = session;
@@ -38,6 +44,7 @@ static int teardown(void **state)
unlink(LIBSSH_TESTCONFIG1); unlink(LIBSSH_TESTCONFIG1);
unlink(LIBSSH_TESTCONFIG2); unlink(LIBSSH_TESTCONFIG2);
unlink(LIBSSH_TESTCONFIG3); unlink(LIBSSH_TESTCONFIG3);
unlink(LIBSSH_TESTCONFIG4);
ssh_free(*state); ssh_free(*state);
@@ -46,7 +53,7 @@ static int teardown(void **state)
/** /**
* @brief tests the privatekey_from_file function with passphrase * @brief tests ssh_config_parse_file with Include directives
*/ */
static void torture_config_from_file(void **state) { static void torture_config_from_file(void **state) {
ssh_session session = *state; ssh_session session = *state;
@@ -78,12 +85,24 @@ static void torture_config_from_file(void **state) {
} }
/**
* @brief tests ssh_config_parse_file with multiple Port settings.
*/
static void torture_config_double_ports(void **state) {
ssh_session session = *state;
int ret = ssh_config_parse_file(session, LIBSSH_TESTCONFIG4);
assert_true(ret == 0);
}
int torture_run_tests(void) { int torture_run_tests(void) {
int rc; int rc;
struct CMUnitTest tests[] = { struct CMUnitTest tests[] = {
cmocka_unit_test_setup_teardown(torture_config_from_file, cmocka_unit_test_setup_teardown(torture_config_from_file,
setup_config_files, setup_config_files,
teardown), teardown),
cmocka_unit_test_setup_teardown(torture_config_double_ports,
setup_config_files,
teardown),
}; };