1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00

Const-correctness of name fields in struct ssh_*.

All the name strings in ssh_cipher, ssh_mac, ssh_hash, ssh_signkey
point to compile-time string literals, hence should obviously be const
char *.

Most of these const-correctness patches are just a mechanical job of
adding a 'const' in the one place you need it right now, and then
chasing the implications through the code adding further consts until
it compiles. But this one has actually shown up a bug: the 'algorithm'
output parameter in ssh2_userkey_loadpub was sometimes returning a
pointer to a string literal, and sometimes a pointer to dynamically
allocated memory, so callers were forced to either sometimes leak
memory or sometimes free a bad thing. Now it's consistently
dynamically allocated, and should be freed everywhere too.
This commit is contained in:
Simon Tatham 2015-05-15 10:12:06 +01:00
parent 79fe96155a
commit a5fc95b715
10 changed files with 23 additions and 21 deletions

View File

@ -790,6 +790,7 @@ int main(int argc, char **argv)
else
bits = -1;
}
sfree(ssh2alg);
} else {
ssh2key = ssh2_load_userkey(infilename, passphrase, &error);
}

View File

@ -410,8 +410,8 @@ static void verify_ssh_host_key_callback(void *ctx, int result)
sfree(state);
}
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
char *keystr, char *fingerprint,
int verify_ssh_host_key(void *frontend, char *host, int port,
const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx)
{
static const char absenttxt[] =

View File

@ -1193,8 +1193,8 @@ void pgp_fingerprints(void);
* back via the provided function with a result that's either 0
* or +1'.
*/
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
char *keystr, char *fingerprint,
int verify_ssh_host_key(void *frontend, char *host, int port,
const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx);
/*
* askalg has the same set of return values as verify_ssh_host_key.

1
ssh.c
View File

@ -10275,6 +10275,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
/* Clear up various bits and pieces from authentication. */
if (s->publickey_blob) {
sfree(s->publickey_algorithm);
sfree(s->publickey_blob);
sfree(s->publickey_comment);
}

16
ssh.h
View File

@ -293,7 +293,7 @@ struct ssh_cipher {
void (*encrypt) (void *, unsigned char *blk, int len);
void (*decrypt) (void *, unsigned char *blk, int len);
int blksize;
char *text_name;
const char *text_name;
};
struct ssh2_cipher {
@ -308,7 +308,7 @@ struct ssh2_cipher {
int keylen;
unsigned int flags;
#define SSH_CIPHER_IS_CBC 1
char *text_name;
const char *text_name;
};
struct ssh2_ciphers {
@ -328,9 +328,9 @@ struct ssh_mac {
void (*bytes) (void *, unsigned char const *, int);
void (*genresult) (void *, unsigned char *);
int (*verresult) (void *, unsigned char const *);
char *name, *etm_name;
const char *name, *etm_name;
int len;
char *text_name;
const char *text_name;
};
struct ssh_hash {
@ -338,7 +338,7 @@ struct ssh_hash {
void (*bytes)(void *, const void *, int);
void (*final)(void *, unsigned char *); /* also frees context */
int hlen; /* output length in bytes */
char *text_name;
const char *text_name;
};
struct ssh_kex {
@ -379,8 +379,8 @@ struct ssh_signkey {
const char *data, int datalen);
unsigned char *(*sign) (void *key, const char *data, int datalen,
int *siglen);
char *name;
char *keytype; /* for host key cache */
const char *name;
const char *keytype; /* for host key cache */
};
struct ssh_compress {
@ -397,7 +397,7 @@ struct ssh_compress {
int (*decompress) (void *, unsigned char *block, int len,
unsigned char **outblock, int *outlen);
int (*disable_compression) (void *);
char *text_name;
const char *text_name;
};
struct ssh2_userkey {

View File

@ -1191,7 +1191,7 @@ unsigned char *ssh2_userkey_loadpub(const Filename *filename, char **algorithm,
if (pub_blob_len)
*pub_blob_len = public_blob_len;
if (algorithm)
*algorithm = alg->name;
*algorithm = dupstr(alg->name);
return public_blob;
/*

View File

@ -3257,8 +3257,8 @@ int reallyclose(void *frontend)
return ret;
}
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
char *keystr, char *fingerprint,
int verify_ssh_host_key(void *frontend, char *host, int port,
const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx)
{
static const char absenttxt[] =

View File

@ -74,8 +74,8 @@ void timer_change_notify(unsigned long next)
{
}
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
char *keystr, char *fingerprint,
int verify_ssh_host_key(void *frontend, char *host, int port,
const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx)
{
int ret;

View File

@ -45,8 +45,8 @@ void timer_change_notify(unsigned long next)
{
}
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
char *keystr, char *fingerprint,
int verify_ssh_host_key(void *frontend, char *host, int port,
const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx)
{
int ret;

View File

@ -745,8 +745,8 @@ void showabout(HWND hwnd)
DialogBox(hinst, MAKEINTRESOURCE(IDD_ABOUTBOX), hwnd, AboutProc);
}
int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
char *keystr, char *fingerprint,
int verify_ssh_host_key(void *frontend, char *host, int port,
const char *keytype, char *keystr, char *fingerprint,
void (*callback)(void *ctx, int result), void *ctx)
{
int ret;