shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-28 07:13:54 +09:00
Code Issues Packages Projects Releases Wiki Activity

gss-kex: Release output_token and mic on error paths

Browse Source 
Signed-off-by: Pavol Žáčik <pzacik@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This commit is contained in:
Pavol Žáčik
2026-02-13 11:24:13 +01:00
committed by Jakub Jelen
parent 2f1f474e27
commit 47e9b5536a
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/kex-gss.c
View File

@@ -591,6 +591,7 @@ int ssh_server_gss_kex_process_init(ssh_session session, ssh_buffer packet)
if (!(ret_flags & GSS_C_INTEG_FLAG) || !(ret_flags & GSS_C_MUTUAL_FLAG)) { if (!(ret_flags & GSS_C_INTEG_FLAG) || !(ret_flags & GSS_C_MUTUAL_FLAG)) {
SSH_LOG(SSH_LOG_WARN, SSH_LOG(SSH_LOG_WARN,
"GSSAPI(accept) integrity and mutual flags were not set"); "GSSAPI(accept) integrity and mutual flags were not set");
gss_release_buffer(&min_stat, &output_token);
goto error; goto error;
} }
SSH_LOG(SSH_LOG_DEBUG, "token accepted"); SSH_LOG(SSH_LOG_DEBUG, "token accepted");
@@ -607,6 +608,7 @@ int ssh_server_gss_kex_process_init(ssh_session session, ssh_buffer packet)
"creating mic failed", "creating mic failed",
maj_stat, maj_stat,
min_stat); min_stat);
gss_release_buffer(&min_stat, &output_token);
goto error; goto error;
} }
@@ -621,15 +623,14 @@ int ssh_server_gss_kex_process_init(ssh_session session, ssh_buffer packet)
output_token.length, output_token.length,
(size_t)output_token.length, (size_t)output_token.length,
output_token.value); output_token.value);
gss_release_buffer(&min_stat, &output_token);
gss_release_buffer(&min_stat, &mic);
if (rc != SSH_OK) { if (rc != SSH_OK) {
ssh_set_error_oom(session); ssh_set_error_oom(session);
ssh_buffer_reinit(session->out_buffer); ssh_buffer_reinit(session->out_buffer);
goto error; goto error;
} }
gss_release_buffer(&min_stat, &output_token);
gss_release_buffer(&min_stat, &mic);
rc = ssh_packet_send(session); rc = ssh_packet_send(session);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
goto error; goto error;