On Fri, 2019-03-29 at 12:29 +0100, Jakub Jelen wrote:
> On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote:
> > Hi,
> >
> > OpenSSH 8.0p1 is almost ready for release, so we would appreciate
> > testing
> > on as many platforms and systems as possible.
> >
> > Snapshot releases for portable OpenSSH are available from
> > http://www.mindrot.org/openssh_snap/
> >
> > The OpenBSD version is available in CVS HEAD:
> > http://www.openbsd.org/anoncvs.html
> >
> > Portable OpenSSH is also available via git using the
> > instructions at http://www.openssh.com/portable.html#cvs
> > At https://anongit.mindrot.org/openssh.git/ or via a mirror at
> > Github:
> > https://github.com/openssh/openssh-portable
> >
> > Running the regression tests supplied with Portable OpenSSH does
> > not
> > require installation and is a simply:
> >
> > $ ./configure && make tests
>
> For now, I have only one comment, but I plan to run more tests in our
> environment.
I noticed few memory leaks from the client so far.
Patch fixing these two is attached.
Thanks,
--
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.
From d8b94d9fbbccd821575772bf1b9171faba2b24b8 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@xxxxxxxxxx>
Date: Fri, 5 Apr 2019 14:34:27 +0200
Subject: [PATCH] sshconnect2.c: Avoid memory leaks
---
sshconnect2.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/sshconnect2.c b/sshconnect2.c
index 0a5baacc..02e131fd 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -158,7 +158,7 @@ void
ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
{
char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
- char *s, *all_key;
+ char *s = NULL, *all_key;
int r;
xxx_host = host;
@@ -167,6 +167,7 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL)
fatal("%s: kex_names_cat", __func__);
myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s);
+ free(s);
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
compat_cipher_proposal(options.ciphers);
myproposal[PROPOSAL_ENC_ALGS_STOC] =
@@ -194,9 +195,10 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
/* Enforce default */
options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG);
/* Prefer algorithms that we already have keys for */
+ s = order_hostkeyalgs(host, hostaddr, port, KEX_DEFAULT_PK_ALG);
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
- compat_pkalg_proposal(
- order_hostkeyalgs(host, hostaddr, port, KEX_DEFAULT_PK_ALG));
+ compat_pkalg_proposal(s);
+ free(s);
}
if (options.rekey_limit || options.rekey_interval)
--
2.20.1
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
