From 8fb45f46173b38cd339aaba3b58cfe74b74b9f92 Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Sat, 1 Feb 2025 11:10:35 +0000
Subject: [PATCH] kex-hybrid: fix a small memory leak on failure.

Spotted by Coverity: we've just allocated a strbuf to hold the output of the classical half of the hybrid key exchange, but if that output isn't generated due to some kind of failure, we forgot to free the strbuf on exit.
---
 crypto/kex-hybrid.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/kex-hybrid.c b/crypto/kex-hybrid.c
index e0c78743..8732432e 100644
--- a/crypto/kex-hybrid.c
+++ b/crypto/kex-hybrid.c
@@ -146,6 +146,7 @@ static bool hybrid_client_getkey(ecdh_key *ek, ptrlen remoteKey, BinarySink *bs)
 if (!ecdh_key_getkey(s->classical, classical_data,
 BinarySink_UPCAST(classical_key))) {
 ssh_hash_free(h);
+ strbuf_free(classical_key);
 return false; /* classical DH key didn't validate */
 }
 s->alg->reformat(ptrlen_from_strbuf(classical_key), BinarySink_UPCAST(h));
@@ -238,6 +239,7 @@ static bool hybrid_server_getkey(ecdh_key *ek, ptrlen remoteKey, BinarySink *bs)
 if (!ecdh_key_getkey(s->classical, classical_data,
 BinarySink_UPCAST(classical_key))) {
 ssh_hash_free(h);
+ strbuf_free(classical_key);
 return false; /* classical DH key didn't validate */
 }
 s->alg->reformat(ptrlen_from_strbuf(classical_key), BinarySink_UPCAST(h));
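Review bot: In the failure branch of hybrid_client_getkey the cleanup is now two hand-written calls, `ssh_hash_free(h);` and `strbuf_free(classical_key);`, and the identical pair is repeated in hybrid_server_getkey, so any early return added later between the allocation and the normal free has to remember both. Because classical_key receives the output of the classical half of the key exchange, it is also worth confirming that strbuf_free clears the buffer before releasing it; that is not visible in these hunks. A short comment on the new line would record the intent, for example `/* also free on the error path: classical_key may hold partial key-exchange output */`. Both functions begin and end outside the hunks shown, so whether other exit paths exist after the allocation cannot be checked from here.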