shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-12 11:10:28 +09:00
Code Issues Packages Projects Releases Wiki Activity

ecdh: Avoid memory leaks

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
This commit is contained in:
Jakub Jelen
2023-04-26 15:24:29 +02:00
parent ae59d21e93
commit fa94777ed9
1 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/ecdh_crypto.c
View File

@@ -72,12 +72,14 @@ static const char *ecdh_kex_type_to_curve(enum ssh_key_exchange_e kex_type) {
static ssh_string ssh_ecdh_generate(ssh_session session) static ssh_string ssh_ecdh_generate(ssh_session session)
{ {
ssh_string pubkey_string = NULL; ssh_string pubkey_string = NULL;
const EC_GROUP *group = NULL;
const EC_POINT *point = NULL;
#if OPENSSL_VERSION_NUMBER < 0x30000000L #if OPENSSL_VERSION_NUMBER < 0x30000000L
const EC_POINT *point = NULL;
const EC_GROUP *group = NULL;
EC_KEY *key = NULL; EC_KEY *key = NULL;
int curve; int curve;
#else #else
EC_POINT *point = NULL;
EC_GROUP *group = NULL;
const char *curve = NULL; const char *curve = NULL;
EVP_PKEY *key = NULL; EVP_PKEY *key = NULL;
OSSL_PARAM *out_params = NULL; OSSL_PARAM *out_params = NULL;
@@ -115,6 +117,8 @@ static ssh_string ssh_ecdh_generate(ssh_session session)
EC_KEY_generate_key(key); EC_KEY_generate_key(key);
point = EC_KEY_get0_public_key(key); point = EC_KEY_get0_public_key(key);
pubkey_string = pki_key_make_ecpoint_string(group, point);
#else #else
rc = EVP_PKEY_todata(key, EVP_PKEY_PUBLIC_KEY, &out_params); rc = EVP_PKEY_todata(key, EVP_PKEY_PUBLIC_KEY, &out_params);
if (rc != 1) { if (rc != 1) {
@@ -159,20 +163,25 @@ static ssh_string ssh_ecdh_generate(ssh_session session)
SSH_FATAL, SSH_FATAL,
"Could not create point: %s", "Could not create point: %s",
ERR_error_string(ERR_get_error(), NULL)); ERR_error_string(ERR_get_error(), NULL));
EC_GROUP_free(group);
OSSL_PARAM_free(out_params); OSSL_PARAM_free(out_params);
EVP_PKEY_free(key); EVP_PKEY_free(key);
return NULL; return NULL;
} }
rc = EC_POINT_oct2point(group, (EC_POINT *)point, pubkey, pubkey_len, NULL); rc = EC_POINT_oct2point(group, point, pubkey, pubkey_len, NULL);
OSSL_PARAM_free(out_params); OSSL_PARAM_free(out_params);
if (rc != 1) { if (rc != 1) {
SSH_LOG(SSH_LOG_TRACE, "Failed to export public key"); SSH_LOG(SSH_LOG_TRACE, "Failed to export public key");
EC_GROUP_free(group);
EC_POINT_free(point);
EVP_PKEY_free(key); EVP_PKEY_free(key);
return NULL; return NULL;
} }
#endif /* OPENSSL_VERSION_NUMBER */
pubkey_string = pki_key_make_ecpoint_string(group, point); pubkey_string = pki_key_make_ecpoint_string(group, point);
EC_GROUP_free(group);
EC_POINT_free(point);
#endif /* OPENSSL_VERSION_NUMBER */
if (pubkey_string == NULL) { if (pubkey_string == NULL) {
SSH_LOG(SSH_LOG_TRACE, "Failed to convert public key"); SSH_LOG(SSH_LOG_TRACE, "Failed to convert public key");
#if OPENSSL_VERSION_NUMBER < 0x30000000L #if OPENSSL_VERSION_NUMBER < 0x30000000L
@@ -352,6 +361,7 @@ int ecdh_build_k(ssh_session session)
} }
rc = EVP_PKEY_derive_set_peer(dh_ctx, pubkey); rc = EVP_PKEY_derive_set_peer(dh_ctx, pubkey);
EVP_PKEY_free(pubkey);
if (rc != 1) { if (rc != 1) {
ssh_set_error(session, ssh_set_error(session,
SSH_FATAL, SSH_FATAL,