2 files changed, 8 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index 406d7e20c..3ebe0df30 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,11 @@
      [ssh-ecdsa.c]
      Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
      ok markus@
+   - miod@cvs.openbsd.org 2012/01/16 20:34:09
+     [ssh-pkcs11-client.c]
+     Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
+     While there, be sure to buffer_clear() between send_msg() and recv_msg().
+     ok markus@
 
 20120206
  - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c
index 650c37342..82b11daf5 100644
--- a/ssh-pkcs11-client.c
+++ b/ssh-pkcs11-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-client.c,v 1.2 2010/02/24 06:12:53 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11-client.c,v 1.3 2012/01/16 20:34:09 miod Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -123,6 +123,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
         buffer_put_int(&msg, 0);
         xfree(blob);
         send_msg(&msg);
+        buffer_clear(&msg);
 
         if (recv_msg(&msg) == SSH2_AGENT_SIGN_RESPONSE) {
                 signature = buffer_get_string(&msg, &slen);
@@ -132,6 +133,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
                 }
                 xfree(signature);
         }
+        buffer_free(&msg);
         return (ret);
 }