author | djm@openbsd.org <djm@openbsd.org> | 2018-07-31 03:07:24 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-07-31 13:13:26 +1000 |
commit | 1a66079c0669813306cc69e5776a4acd9fb49015 (patch) | |
tree | 892eb2fcddac9189cc1d8e7a9b821bde27ba1014 /compat.c | |
parent | 87f08be054b7eeadbb9cdeb3fb4872be79ccf218 (diff) |
upstream: fix some memory leaks spotted by Coverity via Jakub Jelen
in bz#2366 feedback and ok dtucker@
OpenBSD-Commit-ID: 8402bbae67d578bedbadb0ce68ff7c5a136ef563
Diffstat (limited to 'compat.c')
-rw-r--r-- | compat.c | 51 |
1 files changed, 33 insertions, 18 deletions
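--- a/compat.c
+++ b/compat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.c,v 1.111 2018/07/09 21:03:30 markus Exp $ */
+/* $OpenBSD: compat.c,v 1.112 2018/07/31 03:07:24 djm Exp $ */
 /*
 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
 *
@@ -184,13 +184,17 @@ proto_spec(const char *spec)
 }
 
 char *
-compat_cipher_proposal(char *cipher_prop)
+compat_cipher_proposal(char *cipher_prop, u_int compat)
 {
-if (!(datafellows & SSH_BUG_BIGENDIANAES))
+char *cp;
+
+if (!(compat & SSH_BUG_BIGENDIANAES))
 return cipher_prop;
 debug2("%s: original cipher proposal: %s", __func__, cipher_prop);
-if ((cipher_prop = match_filter_blacklist(cipher_prop, "aes*")) == NULL)
+if ((cp = match_filter_blacklist(cipher_prop, "aes*")) == NULL)
 fatal("match_filter_blacklist failed");
+free(cipher_prop);
+cipher_prop = cp;
 debug2("%s: compat cipher proposal: %s", __func__, cipher_prop);
 if (*cipher_prop == '\0')
 fatal("No supported ciphers found");
@@ -198,13 +202,17 @@ compat_cipher_proposal(char *cipher_prop)
 }
 
 char *
-compat_pkalg_proposal(char *pkalg_prop)
+compat_pkalg_proposal(char *pkalg_prop, u_int compat)
 {
-if (!(datafellows & SSH_BUG_RSASIGMD5))
+char *cp;
+
+if (!(compat & SSH_BUG_RSASIGMD5))
 return pkalg_prop;
 debug2("%s: original public key proposal: %s", __func__, pkalg_prop);
-if ((pkalg_prop = match_filter_blacklist(pkalg_prop, "ssh-rsa")) == NULL)
+if ((cp = match_filter_blacklist(pkalg_prop, "ssh-rsa")) == NULL)
 fatal("match_filter_blacklist failed");
+free(pkalg_prop);
+pkalg_prop = cp;
 debug2("%s: compat public key proposal: %s", __func__, pkalg_prop);
 if (*pkalg_prop == '\0')
 fatal("No supported PK algorithms found");
@@ -212,24 +220,31 @@ compat_pkalg_proposal(char *pkalg_prop)
 }
 
 char *
-compat_kex_proposal(char *p)
+compat_kex_proposal(char *kex_prop, u_int compat)
 {
-if ((datafellows & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0)
-return p;
-debug2("%s: original KEX proposal: %s", __func__, p);
-if ((datafellows & SSH_BUG_CURVE25519PAD) != 0)
-if ((p = match_filter_blacklist(p,
+char *cp;
+
+if ((compat & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0)
+return kex_prop;
+debug2("%s: original KEX proposal: %s", __func__, kex_prop);
+if ((compat & SSH_BUG_CURVE25519PAD) != 0) {
+if ((cp = match_filter_blacklist(kex_prop,
 "curve25519-sha256@libssh.org")) == NULL)
 fatal("match_filter_blacklist failed");
-if ((datafellows & SSH_OLD_DHGEX) != 0) {
-if ((p = match_filter_blacklist(p,
+free(kex_prop);
+kex_prop = cp;
+}
+if ((compat & SSH_OLD_DHGEX) != 0) {
+if ((cp = match_filter_blacklist(kex_prop,
 "diffie-hellman-group-exchange-sha256,"
 "diffie-hellman-group-exchange-sha1")) == NULL)
 fatal("match_filter_blacklist failed");
+free(kex_prop);
+kex_prop = cp;
 }
-debug2("%s: compat KEX proposal: %s", __func__, p);
-if (*p == '\0')
+debug2("%s: compat KEX proposal: %s", __func__, kex_prop);
+if (*kex_prop == '\0')
 fatal("No supported key exchange algorithms found");
-return p;
+return kex_prop;
 }
 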
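Review bot: The three helpers changed here (`compat_cipher_proposal`, `compat_pkalg_proposal`, `compat_kex_proposal`) now have a split ownership contract that the new code does not document: the early-return path hands back the caller's pointer untouched, while the filtered path calls `free()` on the argument and returns a different allocation. That is only safe if every caller passes a heap string it owns exclusively and replaces its own pointer with the return value; a caller that passes a pointer still referenced elsewhere would be left holding a dangling pointer and could free it a second time. The callers are outside this view (the diff is limited to compat.c), so whether they all comply cannot be confirmed from here. I would add a comment above each function along the lines of `/* Takes ownership of the argument (must be heap-allocated); returns it or a replacement allocation. Caller frees the result and must not reuse the argument. */`.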