From e2a047ad8de0268141ff01ca303bc81a9befca6b Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Sat, 6 Jul 2019 17:44:15 +0100 Subject: [PATCH] Fix assorted memory leaks. Affects command-line PuTTYgen, PSFTP, and anything running the SSH-2 userauth client layer. Tweaked version of a patch due to Tim Kosse. --- cmdgen.c | 11 +++++++++++ psftp.c | 12 +++++++++--- ssh2userauth.c | 4 ++++ 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/cmdgen.c b/cmdgen.c index ae53d6f1..5f62c656 100644 --- a/cmdgen.c +++ b/cmdgen.c @@ -742,6 +742,9 @@ int main(int argc, char **argv) assert(infile != NULL); + sfree(origcomment); + origcomment = NULL; + /* * Find out whether the input key is encrypted. */ @@ -788,7 +791,11 @@ int main(int argc, char **argv) strbuf *blob; BinarySource src[1]; + sfree(origcomment); + origcomment = NULL; + blob = strbuf_new(); + ret = rsa_ssh1_loadpub(infilename, BinarySink_UPCAST(blob), &origcomment, &error); BinarySource_BARE_INIT(src, blob->u, blob->len); @@ -814,6 +821,8 @@ int main(int argc, char **argv) case SSH_KEYTYPE_SSH2_PUBLIC_RFC4716: case SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH: if (!load_encrypted) { + sfree(origcomment); + origcomment = NULL; ssh2blob = strbuf_new(); if (ssh2_userkey_loadpub(infilename, &ssh2alg, BinarySink_UPCAST(ssh2blob), &origcomment, &error)) { @@ -1083,6 +1092,8 @@ int main(int argc, char **argv) ssh_key_free(ssh2key->key); sfree(ssh2key); } + if (ssh2blob) + strbuf_free(ssh2blob); sfree(origcomment); if (infilename) filename_free(infilename); diff --git a/psftp.c b/psftp.c index 2483068e..073701d1 100644 --- a/psftp.c +++ b/psftp.c @@ -33,6 +33,7 @@ static void do_sftp_cleanup(void); */ char *pwd, *homedir; +static LogContext *psftp_logctx = NULL; static Backend *backend; Conf *conf; bool sent_eof = false; @@ -2576,7 +2577,6 @@ static int psftp_connect(char *userhost, char *user, int portnumber) { char *host, *realhost; const char *err; - LogContext *logctx; /* Separate host and username */ host = userhost; @@ -2733,11 +2733,11 @@ static int psftp_connect(char *userhost, char *user, int portnumber) "exec sftp-server"); conf_set_bool(conf, CONF_ssh_subsys2, false); - logctx = log_init(default_logpolicy, conf); + psftp_logctx = log_init(default_logpolicy, conf); platform_psftp_pre_conn_setup(); - err = backend_init(&ssh_backend, psftp_seat, &backend, logctx, conf, + err = backend_init(&ssh_backend, psftp_seat, &backend, psftp_logctx, conf, conf_get_str(conf, CONF_host), conf_get_int(conf, CONF_port), &realhost, 0, @@ -2906,5 +2906,11 @@ int psftp_main(int argc, char *argv[]) cmdline_cleanup(); sk_cleanup(); + stripctrl_free(string_scc); + stripctrl_free(stderr_scc); + + if (psftp_logctx) + log_free(psftp_logctx); + return ret; } diff --git a/ssh2userauth.c b/ssh2userauth.c index e7142683..01eaae60 100644 --- a/ssh2userauth.c +++ b/ssh2userauth.c @@ -178,6 +178,10 @@ static void ssh2_userauth_free(PacketProtocolLayer *ppl) sfree(s->default_username); sfree(s->hostname); sfree(s->fullhostname); + sfree(s->publickey_comment); + sfree(s->publickey_algorithm); + if (s->publickey_blob) + strbuf_free(s->publickey_blob); strbuf_free(s->last_methods_string); if (s->banner_scc) stripctrl_free(s->banner_scc);