aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2012-02-04 20:49:34 +0100
committerAndreas Schneider <asn@cryptomilk.org>2012-02-04 21:06:33 +0100
commita311ec32b1146a6fbf8561931f065e4c78ae7a10 (patch)
treeb4adb977538fa084220bda3ae030df556f0da92c
parent4223c8a1166d2d155fc824b2881724a92c39461d (diff)
downloadlibssh-a311ec32b1146a6fbf8561931f065e4c78ae7a10.tar.gz
libssh-a311ec32b1146a6fbf8561931f065e4c78ae7a10.tar.xz
libssh-a311ec32b1146a6fbf8561931f065e4c78ae7a10.zip
ecdh: Fix a memory leak in ecdh_build_k().
Thanks to Tom Judge for the report.
-rw-r--r--src/ecdh.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/src/ecdh.c b/src/ecdh.c
index b0fd212..292e997 100644
--- a/src/ecdh.c
+++ b/src/ecdh.c
@@ -77,23 +77,26 @@ static void ecdh_import_pubkey(ssh_session session, ssh_string pubkey_string) {
static int ecdh_build_k(ssh_session session) {
const EC_GROUP *group = EC_KEY_get0_group(session->next_crypto->ecdh_privkey);
- EC_POINT *pubkey=EC_POINT_new(group);
+ EC_POINT *pubkey;
void *buffer;
int len = (EC_GROUP_get_degree(group) + 7) / 8;
-#ifdef HAVE_LIBCRYPTO
bignum_CTX ctx = bignum_ctx_new();
if (ctx == NULL) {
return -1;
}
-#endif
session->next_crypto->k = bignum_new();
if (session->next_crypto->k == NULL) {
-#ifdef HAVE_LIBCRYPTO
bignum_ctx_free(ctx);
-#endif
return -1;
}
+
+ pubkey = EC_POINT_new(group);
+ if (pubkey == NULL) {
+ bignum_ctx_free(ctx);
+ return -1;
+ }
+
if (session->server)
EC_POINT_oct2point(group,pubkey,ssh_string_data(session->next_crypto->ecdh_client_pubkey),
ssh_string_len(session->next_crypto->ecdh_client_pubkey),ctx);
@@ -102,6 +105,7 @@ static int ecdh_build_k(ssh_session session) {
ssh_string_len(session->next_crypto->ecdh_server_pubkey),ctx);
buffer = malloc(len);
ECDH_compute_key(buffer,len,pubkey,session->next_crypto->ecdh_privkey,NULL);
+ EC_POINT_free(pubkey);
BN_bin2bn(buffer,len,session->next_crypto->k);
free(buffer);
EC_KEY_free(session->next_crypto->ecdh_privkey);