mirror of https://git.tartarus.org/simon/putty.git synced 2025-04-09 23:28:06 -05:00

Joe Yates's memory leak patch was overenthusiastically freeing
things; it called freebn on the DH gex values even if DH gex had not
taken place. Bug was trivially reproducible as a NULL-dereference
segfault by making any SSH2 connection with DH gex disabled. Should
now be fixed.

[originally from svn r3678]
Simon Tatham 2004-01-01 16:42:48 +00:00
parent cf0cfba9ca
commit c53056f95c

ssh.c

@ -4356,9 +4356,11 @@ static int do_ssh2_transport(Ssh ssh, unsigned char *in, int inlen, int ispkt)
logeventf(ssh, "Initialised %s decompression",
ssh->sccomp->text_name);
freebn(s->f);
freebn(s->g);
freebn(s->K);
freebn(s->p);
if (ssh->kex == &ssh_diffiehellman_gex) {
freebn(s->g);
freebn(s->p);
}
/*
* If this is the first key exchange phase, we must pass the
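Review bot: the new `if (ssh->kex == &ssh_diffiehellman_gex)` guard decides whether to free s->g and s->p from the negotiated kex method rather than from whether those two values were actually allocated, and none of the four freed pointers (s->f, s->K, s->g, s->p) is reset afterwards. The comment that follows talks about the "first key exchange phase", so this cleanup can presumably run more than once per connection; if a later exchange takes a different path, a stale pointer from the earlier one is left in the state struct and could be freed again. I would suggest initialising s->g and s->p to NULL where the state is set up, testing the pointers themselves here, and assigning NULL after each freebn call so the cleanup is idempotent. A one-line comment above the conditional saying that g and p only exist for group exchange would also help the next reader, since the reason is currently recorded only in the commit message.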