diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2012-02-04 20:49:34 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2012-02-04 21:06:33 +0100 |
commit | a311ec32b1146a6fbf8561931f065e4c78ae7a10 (patch) | |
tree | b4adb977538fa084220bda3ae030df556f0da92c /src/ecdh.c | |
parent | 4223c8a1166d2d155fc824b2881724a92c39461d (diff) | |
download | libssh-a311ec32b1146a6fbf8561931f065e4c78ae7a10.tar.gz libssh-a311ec32b1146a6fbf8561931f065e4c78ae7a10.tar.xz libssh-a311ec32b1146a6fbf8561931f065e4c78ae7a10.zip |
ecdh: Fix a memory leak in ecdh_build_k().
Thanks to Tom Judge for the report.
Diffstat (limited to 'src/ecdh.c')
-rw-r--r-- | src/ecdh.c | 14 |
1 files changed, 9 insertions, 5 deletions
@@ -77,23 +77,26 @@ static void ecdh_import_pubkey(ssh_session session, ssh_string pubkey_string) { static int ecdh_build_k(ssh_session session) { const EC_GROUP *group = EC_KEY_get0_group(session->next_crypto->ecdh_privkey); - EC_POINT *pubkey=EC_POINT_new(group); + EC_POINT *pubkey; void *buffer; int len = (EC_GROUP_get_degree(group) + 7) / 8; -#ifdef HAVE_LIBCRYPTO bignum_CTX ctx = bignum_ctx_new(); if (ctx == NULL) { return -1; } -#endif session->next_crypto->k = bignum_new(); if (session->next_crypto->k == NULL) { -#ifdef HAVE_LIBCRYPTO bignum_ctx_free(ctx); -#endif return -1; } + + pubkey = EC_POINT_new(group); + if (pubkey == NULL) { + bignum_ctx_free(ctx); + return -1; + } + if (session->server) EC_POINT_oct2point(group,pubkey,ssh_string_data(session->next_crypto->ecdh_client_pubkey), ssh_string_len(session->next_crypto->ecdh_client_pubkey),ctx); @@ -102,6 +105,7 @@ static int ecdh_build_k(ssh_session session) { ssh_string_len(session->next_crypto->ecdh_server_pubkey),ctx); buffer = malloc(len); ECDH_compute_key(buffer,len,pubkey,session->next_crypto->ecdh_privkey,NULL); + EC_POINT_free(pubkey); BN_bin2bn(buffer,len,session->next_crypto->k); free(buffer); EC_KEY_free(session->next_crypto->ecdh_privkey); |