shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 09:54:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

CVE-2025-5449 sftpserver: Avoid memory leak when we run out of handles during sftp_open

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2025-04-22 21:37:29 +02:00
committed by Andreas Schneider
parent ae8881dfe5
commit db7f101d1c
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/sftpserver.c
View File

@@ -935,6 +935,7 @@ process_open(sftp_client_message client_msg)
sftp_reply_handle(client_msg, handle_s); sftp_reply_handle(client_msg, handle_s);
ssh_string_free(handle_s); ssh_string_free(handle_s);
} else { } else {
free(h);
close(fd); close(fd);
SSH_LOG(SSH_LOG_PROTOCOL, "Failed to allocate handle"); SSH_LOG(SSH_LOG_PROTOCOL, "Failed to allocate handle");
sftp_reply_status(client_msg, SSH_FX_FAILURE, sftp_reply_status(client_msg, SSH_FX_FAILURE,