We had one more report from Coverity Scan after we brought 9.1p1 into the FreeBSD base system. It complains that calls like "path1 = make_absolute_pwd_glob(path1, *pwd);" in sftp.c leak the allocation. All make_absolute_pwd_glob() calls but one are of that form, so perhaps have it consume and free the first arg, as below (and https://reviews.freebsd.org/D37253)? diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.cindex c3c347e087e4..630e7773af75 100644 --- a/crypto/openssh/sftp.c +++ b/crypto/openssh/sftp.c @@ -621,14 +621,14 @@ escape_glob(const char *s) } static char * -make_absolute_pwd_glob(const char *p, const char *pwd) +make_absolute_pwd_glob(char *p, const char *pwd) { char *ret, *escpwd; escpwd = escape_glob(pwd); if (p == NULL) return escpwd; - ret = make_absolute(xstrdup(p), escpwd); + ret = make_absolute(p, escpwd); free(escpwd); return ret; } @@ -641,7 +641,7 @@ process_get(struct sftp_conn *conn, const char *src, const char *dst, glob_t g; int i, r, err = 0; - abs_src = make_absolute_pwd_glob(src, pwd); + abs_src = make_absolute_pwd_glob(xstrdup(src), pwd); memset(&g, 0, sizeof(g)); debug3("Looking up %s", abs_src); _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
