upstream: revert compat.[ch] section of the following change. It

causes double-free under some circumstances. -- date: 2018/07/31 03:07:24; author: djm; state: Exp; lines: +33 -18; commitid: f7g4UI8eeOXReTPh; fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366 feedback and ok dtucker@ OpenBSD-Commit-ID: 1e77547f60fdb5e2ffe23e2e4733c54d8d2d1137
author: djm@openbsd.org <djm@openbsd.org> 2018-08-13 02:41:05 +0000
committer: Damien Miller <djm@mindrot.org> 2018-08-13 12:42:13 +1000
commit: c3903c38b0fd168ab3d925c2b129d1a599593426 (patch)
tree: a0914654d1d42e32084afe2d34144c0fadc2735d /sshconnect2.c
parent: 1b9dd4aa15208100fbc3650f33ea052255578282 (diff)
1 files changed, 7 insertions, 8 deletions
diff --git a/sshconnect2.c b/sshconnect2.c
index 93192d186..10e4f0a08 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.283 2018/07/31 03:07:24 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.284 2018/08/13 02:41:05 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -167,11 +167,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
        if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL)
                fatal("%s: kex_names_cat", __func__);
-        myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s, datafellows);
+        myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s);
        myproposal[PROPOSAL_ENC_ALGS_CTOS] =
-            compat_cipher_proposal(options.ciphers, datafellows);
+            compat_cipher_proposal(options.ciphers);
        myproposal[PROPOSAL_ENC_ALGS_STOC] =
-            compat_cipher_proposal(options.ciphers, datafellows);
+            compat_cipher_proposal(options.ciphers);
        myproposal[PROPOSAL_COMP_ALGS_CTOS] =
            myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ?
            "zlib@openssh.com,zlib,none" : "none,zlib@openssh.com,zlib";
@@ -184,15 +184,14 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
                        fatal("%s: kex_assemble_namelist", __func__);
                free(all_key);
                myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
-                    compat_pkalg_proposal(options.hostkeyalgorithms,
+                    compat_pkalg_proposal(options.hostkeyalgorithms);
-                    datafellows);
        } else {
                /* Enforce default */
                options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG);
                /* Prefer algorithms that we already have keys for */
                myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
                    compat_pkalg_proposal(
-                    order_hostkeyalgs(host, hostaddr, port), datafellows);
+                    order_hostkeyalgs(host, hostaddr, port));
        }
        if (options.rekey_limit || options.rekey_interval)
@@ -224,7 +223,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
        /* remove ext-info from the KEX proposals for rekeying */
        myproposal[PROPOSAL_KEX_ALGS] =
-            compat_kex_proposal(options.kex_algorithms, datafellows);
+            compat_kex_proposal(options.kex_algorithms);
        if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
                fatal("kex_prop2buf: %s", ssh_err(r));
author	djm@openbsd.org <djm@openbsd.org>	2018-08-13 02:41:05 +0000
committer	Damien Miller <djm@mindrot.org>	2018-08-13 12:42:13 +1000
commit	c3903c38b0fd168ab3d925c2b129d1a599593426 (patch)
tree	a0914654d1d42e32084afe2d34144c0fadc2735d /sshconnect2.c
parent	1b9dd4aa15208100fbc3650f33ea052255578282 (diff)