diff options
author | Kevin Steves <stevesk@cvs.openbsd.org> | 2005-10-17 13:45:06 +0000 |
---|---|---|
committer | Kevin Steves <stevesk@cvs.openbsd.org> | 2005-10-17 13:45:06 +0000 |
commit | b8cfd2403519ed010e5b24e3fe2886d1d8cfa82a (patch) | |
tree | 69bc9ea926475a045f9d06d40928e8400e7b208d /usr.bin | |
parent | 2c6a151cc2ee6b21afcd22d05a54b467e32e0339 (diff) |
fix memory leaks from 2 sources:
1) key_fingerprint_raw()
2) malloc in dns_read_rdata()
ok jakob@
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ssh/dns.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/usr.bin/ssh/dns.c b/usr.bin/ssh/dns.c index a62f4390084..4ff9ef3f496 100644 --- a/usr.bin/ssh/dns.c +++ b/usr.bin/ssh/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $ */ +/* $OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -41,7 +41,7 @@ #include "dns.h" #include "log.h" -RCSID("$OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $"); +RCSID("$OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $"); #ifndef LWRES static const char *errset_text[] = { @@ -93,12 +93,14 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, *algorithm = SSHFP_KEY_DSA; break; default: - *algorithm = SSHFP_KEY_RESERVED; + *algorithm = SSHFP_KEY_RESERVED; /* 0 */ } if (*algorithm) { *digest_type = SSHFP_HASH_SHA1; *digest = key_fingerprint_raw(key, SSH_FP_SHA1, digest_len); + if (*digest == NULL) + fatal("dns_read_key: null from key_fingerprint_raw()"); success = 1; } else { *digest_type = SSHFP_HASH_RESERVED; @@ -131,7 +133,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, *digest = (u_char *) xmalloc(*digest_len); memcpy(*digest, rdata + 2, *digest_len); } else { - *digest = NULL; + *digest = xstrdup(""); } success = 1; @@ -245,8 +247,10 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, *flags |= DNS_VERIFY_MATCH; } } + xfree(dnskey_digest); } + xfree(hostkey_digest); /* from key_fingerprint_raw() */ freerrset(fingerprints); if (*flags & DNS_VERIFY_FOUND) @@ -289,6 +293,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic) for (i = 0; i < rdata_digest_len; i++) fprintf(f, "%02x", rdata_digest[i]); fprintf(f, "\n"); + xfree(rdata_digest); /* from key_fingerprint_raw() */ success = 1; } else { error("dns_export_rr: unsupported algorithm"); |