-rw-r--r--authfile.c8
-rw-r--r--krl.c14
-rw-r--r--packet.c14
-rw-r--r--ssh-dss.c8
-rw-r--r--ssh-ecdsa.c14
-rw-r--r--ssh-rsa.c8
-rw-r--r--sshbuf.c8
-rw-r--r--sshkey.c29
8 files changed, 37 insertions, 66 deletions
diff --git a/authfile.c b/authfile.c
index 9cd490ca3..d67042411 100644
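--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.119 2015/12/11 02:31:47 mmcc Exp $ */
+/* $OpenBSD: authfile.c,v 1.120 2015/12/11 04:21:11 mmcc Exp $ */
 /*
  * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
  *
@@ -243,8 +243,7 @@ sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
  /* success */
  r = 0;
  out:
- if (buffer != NULL)
- sshbuf_free(buffer);
+ sshbuf_free(buffer);
  return r;
 }
 
@@ -278,8 +277,7 @@ sshkey_load_private(const char *filename, const char *passphrase,
  r = 0;
  out:
  close(fd);
- if (buffer != NULL)
- sshbuf_free(buffer);
+ sshbuf_free(buffer);
  return r;
 }
 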
diff --git a/krl.c b/krl.c
index 0194f1c72..ec3b82bea 100644
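--- a/krl.c
+++ b/krl.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.c,v 1.35 2015/12/04 16:41:28 markus Exp $ */
+/* $OpenBSD: krl.c,v 1.36 2015/12/11 04:21:12 mmcc Exp $ */
 
 #include "includes.h"
 
@@ -826,10 +826,8 @@ parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl)
  goto out;
 
  while (sshbuf_len(buf) > 0) {
- if (subsect != NULL) {
- sshbuf_free(subsect);
- subsect = NULL;
- }
+ sshbuf_free(subsect);
+ subsect = NULL;
  if ((r = sshbuf_get_u8(buf, &type)) != 0 ||
  (r = sshbuf_froms(buf, &subsect)) != 0)
  goto out;
@@ -1059,10 +1057,8 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,
  if ((r = sshbuf_consume(copy, sects_off)) != 0)
  goto out;
  while (sshbuf_len(copy) > 0) {
- if (sect != NULL) {
- sshbuf_free(sect);
- sect = NULL;
- }
+ sshbuf_free(sect);
+ sect = NULL;
  if ((r = sshbuf_get_u8(copy, &type)) != 0 ||
  (r = sshbuf_froms(copy, &sect)) != 0)
  goto out;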
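Review bot: The `subsect = NULL;` reset in `parse_revoked_certs` (and `sect = NULL;` in `ssh_krl_from_blob`) is the only thing that keeps the per-iteration free separate from whatever cleanup runs at `out:`, and nothing in the new code says so. The `out:` label is outside both hunks, so it cannot be confirmed here, but if it frees the same pointer then moving or dropping the reset would turn a parse failure on a revocation list into a double free. Once that is confirmed, a comment on the pair such as `/* reset after free: the out: path releases this pointer too */` would protect it from a later tidy-up.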
diff --git a/packet.c b/packet.c
index 8d9bcd8db..27e85e3a1 100644
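--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.220 2015/12/11 03:24:25 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.221 2015/12/11 04:21:12 mmcc Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2453,8 +2453,7 @@ newkeys_to_blob(struct sshbuf *m, struct ssh *ssh, int mode)
  goto out;
  r = sshbuf_put_stringb(m, b);
  out:
- if (b != NULL)
- sshbuf_free(b);
+ sshbuf_free(b);
  return r;
 }
 
@@ -2590,8 +2589,7 @@ newkeys_from_blob(struct sshbuf *m, struct ssh *ssh, int mode)
  r = 0;
  out:
  free(newkey);
- if (b != NULL)
- sshbuf_free(b);
+ sshbuf_free(b);
  return r;
 }
 
@@ -2624,10 +2622,8 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
  out:
  if (r != 0 || kexp == NULL) {
  if (kex != NULL) {
- if (kex->my != NULL)
- sshbuf_free(kex->my);
- if (kex->peer != NULL)
- sshbuf_free(kex->peer);
+ sshbuf_free(kex->my);
+ sshbuf_free(kex->peer);
  free(kex);
  }
  if (kexp != NULL)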
diff --git a/ssh-dss.c b/ssh-dss.c
index 254f2a39b..cc47dcf5f 100644
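--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-dss.c,v 1.33 2015/12/10 17:08:40 mmcc Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.34 2015/12/11 04:21:12 mmcc Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
  *
@@ -122,8 +122,7 @@ ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
  explicit_bzero(digest, sizeof(digest));
  if (sig != NULL)
  DSA_SIG_free(sig);
- if (b != NULL)
- sshbuf_free(b);
+ sshbuf_free(b);
  return ret;
 }
 
@@ -209,8 +208,7 @@ ssh_dss_verify(const struct sshkey *key,
  explicit_bzero(digest, sizeof(digest));
  if (sig != NULL)
  DSA_SIG_free(sig);
- if (b != NULL)
- sshbuf_free(b);
+ sshbuf_free(b);
  free(ktype);
  if (sigblob != NULL) {
  explicit_bzero(sigblob, len);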
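Review bot: The cleanup paths of `ssh_dss_sign` and `ssh_dss_verify` now mix two conventions, since `sshbuf_free(b)` is called unguarded while `if (sig != NULL) DSA_SIG_free(sig);` keeps its check directly above it. The same applies to `ECDSA_SIG_free(sig)` in both ssh-ecdsa.c hunks. If those guards are kept on purpose because NULL handling in the libcrypto free functions is not relied on, a short comment such as `/* libcrypto free functions are not assumed to accept NULL */` would stop a later cleanup from removing them by analogy with this commit. Both function bodies begin outside the hunks.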
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c
index 2c76f8b43..74912dfd9 100644
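--- a/ssh-ecdsa.c
+++ b/ssh-ecdsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ecdsa.c,v 1.11 2014/06/24 01:13:21 djm Exp $ */
+/* $OpenBSD: ssh-ecdsa.c,v 1.12 2015/12/11 04:21:12 mmcc Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
  * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -99,10 +99,8 @@ ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
  ret = 0;
  out:
  explicit_bzero(digest, sizeof(digest));
- if (b != NULL)
- sshbuf_free(b);
- if (bb != NULL)
- sshbuf_free(bb);
+ sshbuf_free(b);
+ sshbuf_free(bb);
  if (sig != NULL)
  ECDSA_SIG_free(sig);
  return ret;
@@ -179,10 +177,8 @@ ssh_ecdsa_verify(const struct sshkey *key,
 
  out:
  explicit_bzero(digest, sizeof(digest));
- if (sigbuf != NULL)
- sshbuf_free(sigbuf);
- if (b != NULL)
- sshbuf_free(b);
+ sshbuf_free(sigbuf);
+ sshbuf_free(b);
  if (sig != NULL)
  ECDSA_SIG_free(sig);
  free(ktype);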
diff --git a/ssh-rsa.c b/ssh-rsa.c
index 4eb00c87c..53d44d1f3 100644
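--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.57 2015/12/10 17:08:40 mmcc Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.58 2015/12/11 04:21:12 mmcc Exp $ */
 /*
  * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
  *
@@ -156,8 +156,7 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
  explicit_bzero(sig, slen);
  free(sig);
  }
- if (b != NULL)
- sshbuf_free(b);
+ sshbuf_free(b);
  return ret;
 }
 
@@ -227,8 +226,7 @@ ssh_rsa_verify(const struct sshkey *key,
  free(sigblob);
  }
  free(ktype);
- if (b != NULL)
- sshbuf_free(b);
+ sshbuf_free(b);
  explicit_bzero(digest, sizeof(digest));
  return ret;
 }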
diff --git a/sshbuf.c b/sshbuf.c
index fd281ed9e..f52b56767 100644
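--- a/sshbuf.c
+++ b/sshbuf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshbuf.c,v 1.4 2015/10/05 17:11:21 djm Exp $ */
+/* $OpenBSD: sshbuf.c,v 1.5 2015/12/11 04:21:12 mmcc Exp $ */
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -163,10 +163,8 @@ sshbuf_free(struct sshbuf *buf)
  * If we are a child, the free our parent to decrement its reference
  * count and possibly free it.
  */
- if (buf->parent != NULL) {
- sshbuf_free(buf->parent);
- buf->parent = NULL;
- }
+ sshbuf_free(buf->parent);
+ buf->parent = NULL;
  /*
  * If we are a parent with still-extant children, then don't free just
  * yet. The last child's call to sshbuf_free should decrement our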
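Review bot: The now-unconditional `sshbuf_free(buf->parent);` is only safe if `sshbuf_free()` returns early for a NULL argument, and that guard would sit above this hunk, so it cannot be confirmed from the lines shown. Every other call site touched by this commit relies on the same contract, which makes it worth stating at the top of the function, for example `/* Accepts buf == NULL and does nothing, like free(3). */`. The block comment above the call still describes a conditional ("If we are a child") and has a typo ("the free"). Wording such as `Free our parent, if any, to drop our reference to it; a NULL parent is a no-op.` would match the new code.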
diff --git a/sshkey.c b/sshkey.c
index 96a4d9090..87b093e91 100644
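--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.30 2015/12/11 02:31:47 mmcc Exp $ */
+/* $OpenBSD: sshkey.c,v 1.31 2015/12/11 04:21:12 mmcc Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -420,12 +420,9 @@ cert_free(struct sshkey_cert *cert)
 
  if (cert == NULL)
  return;
- if (cert->certblob != NULL)
- sshbuf_free(cert->certblob);
- if (cert->critical != NULL)
- sshbuf_free(cert->critical);
- if (cert->extensions != NULL)
- sshbuf_free(cert->extensions);
+ sshbuf_free(cert->certblob);
+ sshbuf_free(cert->critical);
+ sshbuf_free(cert->extensions);
  free(cert->key_id);
  for (i = 0; i < cert->nprincipals; i++)
  free(cert->principals[i]);
@@ -2472,8 +2469,7 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca)
  sshbuf_reset(cert);
  free(sig_blob);
  free(ca_blob);
- if (principals != NULL)
- sshbuf_free(principals);
+ sshbuf_free(principals);
  return ret;
 }
 
@@ -3487,10 +3483,8 @@ sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob,
  out:
  explicit_bzero(&ciphercontext, sizeof(ciphercontext));
  explicit_bzero(buf, sizeof(buf));
- if (buffer != NULL)
- sshbuf_free(buffer);
- if (encrypted != NULL)
- sshbuf_free(encrypted);
+ sshbuf_free(buffer);
+ sshbuf_free(encrypted);
 
  return r;
 }
@@ -3644,8 +3638,7 @@ sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob,
  pub = NULL;
 
  out:
- if (copy != NULL)
- sshbuf_free(copy);
+ sshbuf_free(copy);
  sshkey_free(pub);
  return r;
 }
@@ -3760,10 +3753,8 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase,
  explicit_bzero(&ciphercontext, sizeof(ciphercontext));
  free(comment);
  sshkey_free(prv);
- if (copy != NULL)
- sshbuf_free(copy);
- if (decrypted != NULL)
- sshbuf_free(decrypted);
+ sshbuf_free(copy);
+ sshbuf_free(decrypted);
  return r;
 }
 #endif /* WITH_SSH1 */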
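Review bot: In `sshkey_private_rsa1_to_blob` and `sshkey_parse_private_rsa1` the cleanup scrubs `ciphercontext` (and `buf`) with `explicit_bzero`, but `buffer`, `encrypted`, `copy` and `decrypted` go straight to `sshbuf_free()`, so wiping what appear to be private-key buffers rests entirely on that function. The part of `sshbuf_free()` visible in the sshbuf.c hunk shows no scrubbing, so this should be confirmed against the rest of its body. If it holds, say so once next to these calls, e.g. `/* sshbuf_free() zeroes buffer contents before releasing them */`. The same question applies to `buffer` in the two authfile.c hunks, and the function bodies here begin outside the hunks.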