diff options
author | Jon Simons <jon@jonsimons.org> | 2018-05-25 03:56:54 -0700 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-06-27 21:25:34 +0200 |
commit | 7798d39187b5d586c9a9edfffd43a0a0faf5cfc4 (patch) | |
tree | 84e0a9af34fbc6733ebc4c2a99dd88d339dddbaa /src | |
parent | 58ef1e96b8b28767351d33e2b7481df67c6417fa (diff) | |
download | libssh-7798d39187b5d586c9a9edfffd43a0a0faf5cfc4.tar.gz libssh-7798d39187b5d586c9a9edfffd43a0a0faf5cfc4.tar.xz libssh-7798d39187b5d586c9a9edfffd43a0a0faf5cfc4.zip |
dh: fix two leaks in `ssh_get_pubkey_hash`
Fix two memory leaks in `ssh_get_pubkey_hash` for some error paths.
The local `h` buffer and `ctx` MD5 context each must be free'd for
the SSH_ERROR cases.
Introduced with 16217454d576511f37f39c3169963629f9d5082f.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/dh.c | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -1008,15 +1008,20 @@ int ssh_get_pubkey_hash(ssh_session session, unsigned char **hash) { } rc = ssh_get_server_publickey(session, &pubkey); - if (rc != 0) { + if (rc != SSH_OK) { + md5_final(h, ctx); SAFE_FREE(h); return SSH_ERROR; } rc = ssh_pki_export_pubkey_blob(pubkey, &pubkey_blob); ssh_key_free(pubkey); - if (rc != 0) { + if (rc != SSH_OK) { + md5_final(h, ctx); + SAFE_FREE(h); + return SSH_ERROR; } + md5_update(ctx, ssh_string_data(pubkey_blob), ssh_string_len(pubkey_blob)); ssh_string_free(pubkey_blob); md5_final(h, ctx); |