auth: Avoid memory leaks during agent authentication

Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>
2026-02-07 10:40:28 +09:00 · 2023-04-26 15:43:50 +02:00
parent fa94777ed9
commit 655cda2b0e
1 changed files with 3 additions and 2 deletions
--- a/src/auth.c
+++ b/src/auth.c
@@ -1014,6 +1014,7 @@ int ssh_userauth_agent(ssh_session session,
                            "not listed in config, skipping", state->comment);
                    SSH_STRING_FREE_CHAR(state->comment);
                    state->comment = NULL;
+                    SSH_KEY_FREE(state->pubkey);
                    state->pubkey = ssh_agent_get_next_ident(
                        session, &state->comment);

@@ -1039,7 +1040,7 @@ int ssh_userauth_agent(ssh_session session,
                        "Public key of %s refused by server", state->comment);
                SSH_STRING_FREE_CHAR(state->comment);
                state->comment = NULL;
-                ssh_key_free(state->pubkey);
+                SSH_KEY_FREE(state->pubkey);
                state->pubkey = ssh_agent_get_next_ident(session, &state->comment);
                state->state = SSH_AGENT_STATE_NONE;
                continue;
@@ -1063,7 +1064,7 @@ int ssh_userauth_agent(ssh_session session,
            } else if (rc != SSH_AUTH_SUCCESS) {
                SSH_LOG(SSH_LOG_DEBUG,
                        "Server accepted public key but refused the signature");
-                ssh_key_free(state->pubkey);
+                SSH_KEY_FREE(state->pubkey);
                state->pubkey = ssh_agent_get_next_ident(session, &state->comment);
                state->state = SSH_AGENT_STATE_NONE;
                continue;