From ee7ee2404a5ef88d2be0a5ad0fd93df3775304e6 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 16 Dec 2019 17:09:54 +0100
Subject: [PATCH] libgcrypt: Do not leak memory with invalid key lengths

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 7e692ee1b6f0c78008ad2143174d080a4db4b254)
---
 src/libgcrypt.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/libgcrypt.c b/src/libgcrypt.c
index 17d544ea..8fbf2157 100644
--- a/src/libgcrypt.c
+++ b/src/libgcrypt.c
@@ -328,6 +328,10 @@ static int aes_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV) {
           return -1;
         }
         break;
+      default:
+        SSH_LOG(SSH_LOG_WARNING, "Unksupported key length %u.", cipher->keysize);
+        SAFE_FREE(cipher->key);
+        return -1;
     }
     if (gcry_cipher_setkey(cipher->key[0], key, cipher->keysize / 8)) {
       SAFE_FREE(cipher->key);