From 33a59e78f152965c0d758aa0aabf7466e0826902 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Sun, 18 Jan 2004 09:14:41 +0000 Subject: [PATCH] Memory management fixes. Fixed a segfault in SSH1 compression cleanup noticed by Gerhard Wiesinger, and also fixed some memory leaks spotted by valgrind while debugging same. [originally from svn r3726] --- ssh.c | 18 ++++++++++++++---- sshzlib.c | 6 +++++- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/ssh.c b/ssh.c index 61786b10..22a0b452 100644 --- a/ssh.c +++ b/ssh.c @@ -2767,6 +2767,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt) if (s->authed) break; } + sfree(s->response); } if (s->authed) break; @@ -4922,6 +4923,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) if (s->authed) continue; } + sfree(s->response); } if (!s->method && s->can_pubkey && s->publickey_blob @@ -6264,10 +6266,18 @@ static void ssh_free(void *handle) ssh->csmac->free_context(ssh->cs_mac_ctx); if (ssh->sc_mac_ctx) ssh->scmac->free_context(ssh->sc_mac_ctx); - if (ssh->cs_comp_ctx) - ssh->cscomp->compress_cleanup(ssh->cs_comp_ctx); - if (ssh->sc_comp_ctx) - ssh->sccomp->compress_cleanup(ssh->sc_comp_ctx); + if (ssh->cs_comp_ctx) { + if (ssh->cscomp) + ssh->cscomp->compress_cleanup(ssh->cs_comp_ctx); + else + zlib_compress_cleanup(ssh->cs_comp_ctx); + } + if (ssh->sc_comp_ctx) { + if (ssh->sccomp) + ssh->sccomp->decompress_cleanup(ssh->sc_comp_ctx); + else + zlib_decompress_cleanup(ssh->sc_comp_ctx); + } if (ssh->kex_ctx) dh_cleanup(ssh->kex_ctx); sfree(ssh->savedhost); diff --git a/sshzlib.c b/sshzlib.c index 91f5537f..4e70d282 100644 --- a/sshzlib.c +++ b/sshzlib.c @@ -602,6 +602,8 @@ void zlib_compress_cleanup(void *handle) { struct LZ77Context *ectx = (struct LZ77Context *)handle; sfree(ectx->userdata); + sfree(ectx->ictx); + sfree(ectx); } /* @@ -963,13 +965,15 @@ void *zlib_decompress_init(void) void zlib_decompress_cleanup(void *handle) { struct zlib_decompress_ctx *dctx = (struct zlib_decompress_ctx *)handle; - + if (dctx->currlentable && dctx->currlentable != dctx->staticlentable) zlib_freetable(&dctx->currlentable); if (dctx->currdisttable && dctx->currdisttable != dctx->staticdisttable) zlib_freetable(&dctx->currdisttable); if (dctx->lenlentable) zlib_freetable(&dctx->lenlentable); + zlib_freetable(&dctx->staticlentable); + zlib_freetable(&dctx->staticdisttable); sfree(dctx); }