dh-gex: fix double-ssh_dh_init_common memory leak

Fix a memory leak whereby the x, y, and k bignum fields within
a session's next_crypto structure were being unintentionally
initialized twice.

The leak can be seen before the fix with valgrind and the pkd
tests with:

    valgrind \
      --leak-check=full \
      --show-leak-kinds=definite \
      ./pkd_hello -i1 -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

Author: Jon Simons
Date: 2019-01-29 20:06:12 -05:00
Committed by: Andreas Schneider
Parent: 886681a421
Commit: b44987a164

@@ -552,12 +552,6 @@ static SSH_PACKET_CALLBACK(ssh_packet_server_dhgex_request)
goto error;
}
rc = ssh_dh_init_common(session);
if (rc != SSH_OK){
ssh_set_error_oom(session);
goto error;
}
/* Minimum group size, preferred group size, maximum group size */
rc = ssh_buffer_unpack(packet, "ddd", &pmin, &pn, &pmax);
if (rc != SSH_OK){
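Review bot: In ssh_packet_server_dhgex_request, once the ssh_dh_init_common(session) call ahead of ssh_buffer_unpack is gone, this handler relies on some other path having already allocated the x, y and k bignums in next_crypto, and neither the hunk nor the commit message says which one. Name that caller in the commit message or in a one-line comment at this spot, so a later change neither reintroduces the second init nor drops the only remaining one. Separately, the removed error branch called ssh_set_error_oom(session) for every non-SSH_OK return; if the remaining call site does the same, confirm that ssh_dh_init_common can only fail on allocation. Running the valgrind invocation from the commit message against the pkd tests in CI would keep the leak from coming back unnoticed.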