dh-gex: Fix memory leak in DH GEX with OpenSSL

When using OpenSSL, the bignums generated during group exchange are duplicated and don't transfer the memory management responsibility to the back-end. The original generated bignums can be freed. The leak was detectable by running: $ valgrind --leak-check=full ./tests/pkd/pkd_hello -i1 \ -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2026-02-06 18:29:50 +09:00 · 2019-05-17 11:41:51 +02:00
parent 38f9802eec
commit 59ba3f1896
1 changed files with 6 additions and 0 deletions
--- a/src/dh-gex.c
+++ b/src/dh-gex.c
@@ -634,6 +634,12 @@ static SSH_PACKET_CALLBACK(ssh_packet_server_dhgex_request)
                         SSH2_MSG_KEX_DH_GEX_GROUP,
                         modulus,
                         generator);
+
+#ifdef HAVE_LIBCRYPTO
+        bignum_safe_free(generator);
+        bignum_safe_free(modulus);
+#endif
+
    if (rc != SSH_OK) {
        ssh_set_error_invalid(session);
        goto error;