aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2017-04-24 13:27:20 +0200
committerAndreas Schneider <asn@cryptomilk.org>2017-04-24 13:28:17 +0200
commitd88cc720fb0a006f25748e1542634b4934071015 (patch)
treedcaed796ead83d4f7b8d193b58f91a653f28e179
parentee13becf9c60b13064aaed38c2b2886db542569b (diff)
downloadlibssh-d88cc720fb0a006f25748e1542634b4934071015.tar.gz
libssh-d88cc720fb0a006f25748e1542634b4934071015.tar.xz
libssh-d88cc720fb0a006f25748e1542634b4934071015.zip
messages: Do not leak memory if answeres had been allocated previously
Found by ozz-fuzz BUG: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1222 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 5eb41492c452081b95eecad374a3ddef73cd384c)
-rw-r--r--src/messages.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/messages.c b/src/messages.c
index 671a5c49..f93ae90b 100644
--- a/src/messages.c
+++ b/src/messages.c
@@ -964,6 +964,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){
goto error;
}
+ SAFE_FREE(session->kbdint->answers[i]);
session->kbdint->answers[i] = ssh_string_to_char(tmp);
ssh_string_free(tmp);
if (session->kbdint->answers[i] == NULL) {