On Fri, 2019-03-29 at 12:29 +0100, Jakub Jelen wrote: > On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote: > > Hi, > > > > OpenSSH 8.0p1 is almost ready for release, so we would appreciate > > testing > > on as many platforms and systems as possible. > > > > Snapshot releases for portable OpenSSH are available from > > http://www.mindrot.org/openssh_snap/ > > > > The OpenBSD version is available in CVS HEAD: > > http://www.openbsd.org/anoncvs.html > > > > Portable OpenSSH is also available via git using the > > instructions at http://www.openssh.com/portable.html#cvs > > At https://anongit.mindrot.org/openssh.git/ or via a mirror at > > Github: > > https://github.com/openssh/openssh-portable > > > > Running the regression tests supplied with Portable OpenSSH does > > not > > require installation and is a simply: > > > > $ ./configure && make tests > > For now, I have only one comment, but I plan to run more tests in our > environment. I noticed few memory leaks from the client so far. Patch fixing these two is attached. Thanks, -- Jakub Jelen Senior Software Engineer Security Technologies Red Hat, Inc.
From d8b94d9fbbccd821575772bf1b9171faba2b24b8 Mon Sep 17 00:00:00 2001 From: Jakub Jelen <jjelen@xxxxxxxxxx> Date: Fri, 5 Apr 2019 14:34:27 +0200 Subject: [PATCH] sshconnect2.c: Avoid memory leaks --- sshconnect2.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/sshconnect2.c b/sshconnect2.c index 0a5baacc..02e131fd 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -158,7 +158,7 @@ void ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) { char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; - char *s, *all_key; + char *s = NULL, *all_key; int r; xxx_host = host; @@ -167,6 +167,7 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL) fatal("%s: kex_names_cat", __func__); myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s); + free(s); myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal(options.ciphers); myproposal[PROPOSAL_ENC_ALGS_STOC] = @@ -194,9 +195,10 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) /* Enforce default */ options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); /* Prefer algorithms that we already have keys for */ + s = order_hostkeyalgs(host, hostaddr, port, KEX_DEFAULT_PK_ALG); myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = - compat_pkalg_proposal( - order_hostkeyalgs(host, hostaddr, port, KEX_DEFAULT_PK_ALG)); + compat_pkalg_proposal(s); + free(s); } if (options.rekey_limit || options.rekey_interval) -- 2.20.1
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev