From a3c28f2558481536c03dcfbc2d3b3a7c925b900f Mon Sep 17 00:00:00 2001 From: Aris Adamantiadis Date: Mon, 13 Jun 2011 14:06:30 +0200 Subject: [PATCH] Fix memory leak --- src/ecdh.c | 3 ++- src/wrapper.c | 20 ++++++++++++++++++-- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/src/ecdh.c b/src/ecdh.c index 20840c8d..05e4ab92 100644 --- a/src/ecdh.c +++ b/src/ecdh.c @@ -104,7 +104,8 @@ static int ecdh_build_k(ssh_session session) { ECDH_compute_key(buffer,len,pubkey,session->next_crypto->ecdh_privkey,NULL); BN_bin2bn(buffer,len,session->next_crypto->k); free(buffer); - + EC_KEY_free(session->next_crypto->ecdh_privkey); + session->next_crypto->ecdh_privkey=NULL; #ifdef DEBUG_CRYPTO ssh_print_hexa("Session server cookie", session->server_kex.cookie, 16); ssh_print_hexa("Session client cookie", session->client_kex.cookie, 16); diff --git a/src/wrapper.c b/src/wrapper.c index 11482f88..5a6ed084 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -111,7 +111,8 @@ void crypto_free(struct ssh_crypto_struct *crypto){ bignum_free(crypto->x); bignum_free(crypto->y); bignum_free(crypto->k); - /* lot of other things */ + SAFE_FREE(crypto->ecdh_client_pubkey); + SAFE_FREE(crypto->ecdh_server_pubkey); #ifdef WITH_LIBZ if (crypto->compress_out_ctx && @@ -123,8 +124,23 @@ void crypto_free(struct ssh_crypto_struct *crypto){ inflateEnd(crypto->compress_in_ctx); } #endif + if(crypto->encryptIV) + SAFE_FREE(crypto->encryptIV); + if(crypto->decryptIV) + SAFE_FREE(crypto->decryptIV); + if(crypto->encryptMAC) + SAFE_FREE(crypto->encryptMAC); + if(crypto->decryptMAC) + SAFE_FREE(crypto->decryptMAC); + if(crypto->encryptkey){ + memset(crypto->encryptkey, 0, crypto->digest_len); + SAFE_FREE(crypto->encryptkey); + } + if(crypto->decryptkey){ + memset(crypto->decryptkey, 0, crypto->digest_len); + SAFE_FREE(crypto->decryptkey); + } - /* i'm lost in my own code. good work */ memset(crypto,0,sizeof(*crypto)); SAFE_FREE(crypto);