summaryrefslogtreecommitdiff
path: root/dns.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2005-11-05 15:09:27 +1100
committerDamien Miller <djm@mindrot.org>2005-11-05 15:09:27 +1100
commit6571249074b1f1af37f51bdbcfb5c0e857903d14 (patch)
tree70fe901dc906990e8b406daa5a615cf44e1e621d /dns.c
parentc1af1d5f409f75420b421ec85749753071ee843e (diff)
- stevesk@cvs.openbsd.org 2005/10/17 13:45:05
[dns.c] fix memory leaks from 2 sources: 1) key_fingerprint_raw() 2) malloc in dns_read_rdata() ok jakob@
Diffstat (limited to 'dns.c')
-rw-r--r--dns.c13
1 files changed, 9 insertions, 4 deletions
diff --git a/dns.c b/dns.c
index a62f43900..4ff9ef3f4 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $ */ 1/* $OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2003 Wesley Griffin. All rights reserved. 4 * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -41,7 +41,7 @@
41#include "dns.h" 41#include "dns.h"
42#include "log.h" 42#include "log.h"
43 43
44RCSID("$OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $"); 44RCSID("$OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $");
45 45
46#ifndef LWRES 46#ifndef LWRES
47static const char *errset_text[] = { 47static const char *errset_text[] = {
@@ -93,12 +93,14 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type,
93 *algorithm = SSHFP_KEY_DSA; 93 *algorithm = SSHFP_KEY_DSA;
94 break; 94 break;
95 default: 95 default:
96 *algorithm = SSHFP_KEY_RESERVED; 96 *algorithm = SSHFP_KEY_RESERVED; /* 0 */
97 } 97 }
98 98
99 if (*algorithm) { 99 if (*algorithm) {
100 *digest_type = SSHFP_HASH_SHA1; 100 *digest_type = SSHFP_HASH_SHA1;
101 *digest = key_fingerprint_raw(key, SSH_FP_SHA1, digest_len); 101 *digest = key_fingerprint_raw(key, SSH_FP_SHA1, digest_len);
102 if (*digest == NULL)
103 fatal("dns_read_key: null from key_fingerprint_raw()");
102 success = 1; 104 success = 1;
103 } else { 105 } else {
104 *digest_type = SSHFP_HASH_RESERVED; 106 *digest_type = SSHFP_HASH_RESERVED;
@@ -131,7 +133,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
131 *digest = (u_char *) xmalloc(*digest_len); 133 *digest = (u_char *) xmalloc(*digest_len);
132 memcpy(*digest, rdata + 2, *digest_len); 134 memcpy(*digest, rdata + 2, *digest_len);
133 } else { 135 } else {
134 *digest = NULL; 136 *digest = xstrdup("");
135 } 137 }
136 138
137 success = 1; 139 success = 1;
@@ -245,8 +247,10 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
245 *flags |= DNS_VERIFY_MATCH; 247 *flags |= DNS_VERIFY_MATCH;
246 } 248 }
247 } 249 }
250 xfree(dnskey_digest);
248 } 251 }
249 252
253 xfree(hostkey_digest); /* from key_fingerprint_raw() */
250 freerrset(fingerprints); 254 freerrset(fingerprints);
251 255
252 if (*flags & DNS_VERIFY_FOUND) 256 if (*flags & DNS_VERIFY_FOUND)
@@ -289,6 +293,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic)
289 for (i = 0; i < rdata_digest_len; i++) 293 for (i = 0; i < rdata_digest_len; i++)
290 fprintf(f, "%02x", rdata_digest[i]); 294 fprintf(f, "%02x", rdata_digest[i]);
291 fprintf(f, "\n"); 295 fprintf(f, "\n");
296 xfree(rdata_digest); /* from key_fingerprint_raw() */
292 success = 1; 297 success = 1;
293 } else { 298 } else {
294 error("dns_export_rr: unsupported algorithm"); 299 error("dns_export_rr: unsupported algorithm");