aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2012-10-08 21:10:06 +0200
committerAndreas Schneider <asn@cryptomilk.org>2012-10-12 08:07:01 +0200
commit66045054f46c50add4099ead6d87c3345987eab8 (patch)
tree33be879bfa944e91cf97b9aee0dfda03bd18b031
parent96e0301b58ad53c0cdbd2fb538284e788449ee5c (diff)
downloadlibssh-66045054f46c50add4099ead6d87c3345987eab8.tar.gz
libssh-66045054f46c50add4099ead6d87c3345987eab8.tar.xz
libssh-66045054f46c50add4099ead6d87c3345987eab8.zip
auth: Don't leak memory on error in info request callback.
Found by Coverity.
-rw-r--r--src/auth.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/auth.c b/src/auth.c
index 28905fd1..7c335370 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -1741,15 +1741,16 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_request) {
tmp = buffer_get_ssh_string(packet);
buffer_get_u32(packet, &nprompts);
- if (name == NULL || instruction == NULL || tmp == NULL) {
+ /* We don't care about tmp */
+ ssh_string_free(tmp);
+
+ if (name == NULL || instruction == NULL) {
ssh_string_free(name);
ssh_string_free(instruction);
- /* tmp if empty if we got here */
ssh_set_error(session, SSH_FATAL, "Invalid USERAUTH_INFO_REQUEST msg");
leave_function();
return SSH_PACKET_USED;
}
- ssh_string_free(tmp);
if (session->kbdint == NULL) {
session->kbdint = ssh_kbdint_new();
@@ -1770,6 +1771,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_request) {
if (session->kbdint->name == NULL) {
ssh_set_error_oom(session);
ssh_kbdint_free(session->kbdint);
+ ssh_string_free(instruction);
leave_function();
return SSH_PACKET_USED;
}