1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00

Const-correctness of name fields in struct ssh_*.

All the name strings in ssh_cipher, ssh_mac, ssh_hash, ssh_signkey
point to compile-time string literals, hence should obviously be const
char *.

Most of these const-correctness patches are just a mechanical job of
adding a 'const' in the one place you need it right now, and then
chasing the implications through the code adding further consts until
it compiles. But this one has actually shown up a bug: the 'algorithm'
output parameter in ssh2_userkey_loadpub was sometimes returning a
pointer to a string literal, and sometimes a pointer to dynamically
allocated memory, so callers were forced to either sometimes leak
memory or sometimes free a bad thing. Now it's consistently
dynamically allocated, and should be freed everywhere too.
This commit is contained in:
Simon Tatham 2015-05-15 10:12:06 +01:00
parent 79fe96155a
commit a5fc95b715
10 changed files with 23 additions and 21 deletions

View File

@ -790,6 +790,7 @@ int main(int argc, char **argv)
else else
bits = -1; bits = -1;
} }
sfree(ssh2alg);
} else { } else {
ssh2key = ssh2_load_userkey(infilename, passphrase, &error); ssh2key = ssh2_load_userkey(infilename, passphrase, &error);
} }

View File

@ -410,8 +410,8 @@ static void verify_ssh_host_key_callback(void *ctx, int result)
sfree(state); sfree(state);
} }
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype, int verify_ssh_host_key(void *frontend, char *host, int port,
char *keystr, char *fingerprint, const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx) void (*callback)(void *ctx, int result), void *ctx)
{ {
static const char absenttxt[] = static const char absenttxt[] =

View File

@ -1193,8 +1193,8 @@ void pgp_fingerprints(void);
* back via the provided function with a result that's either 0 * back via the provided function with a result that's either 0
* or +1'. * or +1'.
*/ */
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype, int verify_ssh_host_key(void *frontend, char *host, int port,
char *keystr, char *fingerprint, const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx); void (*callback)(void *ctx, int result), void *ctx);
/* /*
* askalg has the same set of return values as verify_ssh_host_key. * askalg has the same set of return values as verify_ssh_host_key.

1
ssh.c
View File

@ -10275,6 +10275,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
/* Clear up various bits and pieces from authentication. */ /* Clear up various bits and pieces from authentication. */
if (s->publickey_blob) { if (s->publickey_blob) {
sfree(s->publickey_algorithm);
sfree(s->publickey_blob); sfree(s->publickey_blob);
sfree(s->publickey_comment); sfree(s->publickey_comment);
} }

16
ssh.h
View File

@ -293,7 +293,7 @@ struct ssh_cipher {
void (*encrypt) (void *, unsigned char *blk, int len); void (*encrypt) (void *, unsigned char *blk, int len);
void (*decrypt) (void *, unsigned char *blk, int len); void (*decrypt) (void *, unsigned char *blk, int len);
int blksize; int blksize;
char *text_name; const char *text_name;
}; };
struct ssh2_cipher { struct ssh2_cipher {
@ -308,7 +308,7 @@ struct ssh2_cipher {
int keylen; int keylen;
unsigned int flags; unsigned int flags;
#define SSH_CIPHER_IS_CBC 1 #define SSH_CIPHER_IS_CBC 1
char *text_name; const char *text_name;
}; };
struct ssh2_ciphers { struct ssh2_ciphers {
@ -328,9 +328,9 @@ struct ssh_mac {
void (*bytes) (void *, unsigned char const *, int); void (*bytes) (void *, unsigned char const *, int);
void (*genresult) (void *, unsigned char *); void (*genresult) (void *, unsigned char *);
int (*verresult) (void *, unsigned char const *); int (*verresult) (void *, unsigned char const *);
char *name, *etm_name; const char *name, *etm_name;
int len; int len;
char *text_name; const char *text_name;
}; };
struct ssh_hash { struct ssh_hash {
@ -338,7 +338,7 @@ struct ssh_hash {
void (*bytes)(void *, const void *, int); void (*bytes)(void *, const void *, int);
void (*final)(void *, unsigned char *); /* also frees context */ void (*final)(void *, unsigned char *); /* also frees context */
int hlen; /* output length in bytes */ int hlen; /* output length in bytes */
char *text_name; const char *text_name;
}; };
struct ssh_kex { struct ssh_kex {
@ -379,8 +379,8 @@ struct ssh_signkey {
const char *data, int datalen); const char *data, int datalen);
unsigned char *(*sign) (void *key, const char *data, int datalen, unsigned char *(*sign) (void *key, const char *data, int datalen,
int *siglen); int *siglen);
char *name; const char *name;
char *keytype; /* for host key cache */ const char *keytype; /* for host key cache */
}; };
struct ssh_compress { struct ssh_compress {
@ -397,7 +397,7 @@ struct ssh_compress {
int (*decompress) (void *, unsigned char *block, int len, int (*decompress) (void *, unsigned char *block, int len,
unsigned char **outblock, int *outlen); unsigned char **outblock, int *outlen);
int (*disable_compression) (void *); int (*disable_compression) (void *);
char *text_name; const char *text_name;
}; };
struct ssh2_userkey { struct ssh2_userkey {

View File

@ -1191,7 +1191,7 @@ unsigned char *ssh2_userkey_loadpub(const Filename *filename, char **algorithm,
if (pub_blob_len) if (pub_blob_len)
*pub_blob_len = public_blob_len; *pub_blob_len = public_blob_len;
if (algorithm) if (algorithm)
*algorithm = alg->name; *algorithm = dupstr(alg->name);
return public_blob; return public_blob;
/* /*

View File

@ -3257,8 +3257,8 @@ int reallyclose(void *frontend)
return ret; return ret;
} }
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype, int verify_ssh_host_key(void *frontend, char *host, int port,
char *keystr, char *fingerprint, const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx) void (*callback)(void *ctx, int result), void *ctx)
{ {
static const char absenttxt[] = static const char absenttxt[] =

View File

@ -74,8 +74,8 @@ void timer_change_notify(unsigned long next)
{ {
} }
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype, int verify_ssh_host_key(void *frontend, char *host, int port,
char *keystr, char *fingerprint, const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx) void (*callback)(void *ctx, int result), void *ctx)
{ {
int ret; int ret;

View File

@ -45,8 +45,8 @@ void timer_change_notify(unsigned long next)
{ {
} }
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype, int verify_ssh_host_key(void *frontend, char *host, int port,
char *keystr, char *fingerprint, const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx) void (*callback)(void *ctx, int result), void *ctx)
{ {
int ret; int ret;

View File

@ -745,8 +745,8 @@ void showabout(HWND hwnd)
DialogBox(hinst, MAKEINTRESOURCE(IDD_ABOUTBOX), hwnd, AboutProc); DialogBox(hinst, MAKEINTRESOURCE(IDD_ABOUTBOX), hwnd, AboutProc);
} }
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype, int verify_ssh_host_key(void *frontend, char *host, int port,
char *keystr, char *fingerprint, const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx) void (*callback)(void *ctx, int result), void *ctx)
{ {
int ret; int ret;