diff options
| author | Damien Miller <djm@mindrot.org> | 2005-11-05 15:09:27 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2005-11-05 15:09:27 +1100 |
| commit | 6571249074b1f1af37f51bdbcfb5c0e857903d14 (patch) | |
| tree | 70fe901dc906990e8b406daa5a615cf44e1e621d /dns.c | |
| parent | c1af1d5f409f75420b421ec85749753071ee843e (diff) | |
- stevesk@cvs.openbsd.org 2005/10/17 13:45:05
[dns.c]
fix memory leaks from 2 sources:
1) key_fingerprint_raw()
2) malloc in dns_read_rdata()
ok jakob@
Diffstat (limited to 'dns.c')
| -rw-r--r-- | dns.c | 13 |
1 files changed, 9 insertions, 4 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $ */ | 1 | /* $OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. | 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. |
| @@ -41,7 +41,7 @@ | |||
| 41 | #include "dns.h" | 41 | #include "dns.h" |
| 42 | #include "log.h" | 42 | #include "log.h" |
| 43 | 43 | ||
| 44 | RCSID("$OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $"); | 44 | RCSID("$OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $"); |
| 45 | 45 | ||
| 46 | #ifndef LWRES | 46 | #ifndef LWRES |
| 47 | static const char *errset_text[] = { | 47 | static const char *errset_text[] = { |
| @@ -93,12 +93,14 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, | |||
| 93 | *algorithm = SSHFP_KEY_DSA; | 93 | *algorithm = SSHFP_KEY_DSA; |
| 94 | break; | 94 | break; |
| 95 | default: | 95 | default: |
| 96 | *algorithm = SSHFP_KEY_RESERVED; | 96 | *algorithm = SSHFP_KEY_RESERVED; /* 0 */ |
| 97 | } | 97 | } |
| 98 | 98 | ||
| 99 | if (*algorithm) { | 99 | if (*algorithm) { |
| 100 | *digest_type = SSHFP_HASH_SHA1; | 100 | *digest_type = SSHFP_HASH_SHA1; |
| 101 | *digest = key_fingerprint_raw(key, SSH_FP_SHA1, digest_len); | 101 | *digest = key_fingerprint_raw(key, SSH_FP_SHA1, digest_len); |
| 102 | if (*digest == NULL) | ||
| 103 | fatal("dns_read_key: null from key_fingerprint_raw()"); | ||
| 102 | success = 1; | 104 | success = 1; |
| 103 | } else { | 105 | } else { |
| 104 | *digest_type = SSHFP_HASH_RESERVED; | 106 | *digest_type = SSHFP_HASH_RESERVED; |
| @@ -131,7 +133,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, | |||
| 131 | *digest = (u_char *) xmalloc(*digest_len); | 133 | *digest = (u_char *) xmalloc(*digest_len); |
| 132 | memcpy(*digest, rdata + 2, *digest_len); | 134 | memcpy(*digest, rdata + 2, *digest_len); |
| 133 | } else { | 135 | } else { |
| 134 | *digest = NULL; | 136 | *digest = xstrdup(""); |
| 135 | } | 137 | } |
| 136 | 138 | ||
| 137 | success = 1; | 139 | success = 1; |
| @@ -245,8 +247,10 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, | |||
| 245 | *flags |= DNS_VERIFY_MATCH; | 247 | *flags |= DNS_VERIFY_MATCH; |
| 246 | } | 248 | } |
| 247 | } | 249 | } |
| 250 | xfree(dnskey_digest); | ||
| 248 | } | 251 | } |
| 249 | 252 | ||
| 253 | xfree(hostkey_digest); /* from key_fingerprint_raw() */ | ||
| 250 | freerrset(fingerprints); | 254 | freerrset(fingerprints); |
| 251 | 255 | ||
| 252 | if (*flags & DNS_VERIFY_FOUND) | 256 | if (*flags & DNS_VERIFY_FOUND) |
| @@ -289,6 +293,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic) | |||
| 289 | for (i = 0; i < rdata_digest_len; i++) | 293 | for (i = 0; i < rdata_digest_len; i++) |
| 290 | fprintf(f, "%02x", rdata_digest[i]); | 294 | fprintf(f, "%02x", rdata_digest[i]); |
| 291 | fprintf(f, "\n"); | 295 | fprintf(f, "\n"); |
| 296 | xfree(rdata_digest); /* from key_fingerprint_raw() */ | ||
| 292 | success = 1; | 297 | success = 1; |
| 293 | } else { | 298 | } else { |
| 294 | error("dns_export_rr: unsupported algorithm"); | 299 | error("dns_export_rr: unsupported algorithm"); |