10 files changed, 52 insertions, 22 deletions

diff --git a/ChangeLog b/ChangeLog
index 41c66dbd3..984223fb1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+20030310
+- (djm) OpenBSD CVS Sync
+   - markus@cvs.openbsd.org 2003/03/05 22:33:43
+     [channels.c monitor.c scp.c session.c sftp-client.c sftp-int.c]
+     [sftp-server.c ssh-add.c sshconnect2.c]
+     fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@
+
 20030225
  - (djm) Fix some compile errors spotted by dtucker and his fabulous 
    tinderbox
@@ -1191,4 +1198,4 @@
      save auth method before monitor_reset_key_state(); bugzilla bug #284;
      ok provos@
 
-$Id: ChangeLog,v 1.2622 2003/02/24 23:22:35 djm Exp $
+$Id: ChangeLog,v 1.2623 2003/03/10 00:21:17 djm Exp $
diff --git a/channels.c b/channels.c
index ea1d46c21..1937b0244 100644
--- a/channels.c
+++ b/channels.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.186 2003/01/10 10:32:54 djm Exp $");
+RCSID("$OpenBSD: channels.c,v 1.187 2003/03/05 22:33:43 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1997,6 +1997,7 @@ channel_input_port_open(int type, u_int32_t seq, void *ctxt)
                 c->remote_id = remote_id;
         }
         if (c == NULL) {
+                xfree(originator_string);
                 packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
                 packet_put_int(remote_id);
                 packet_send();
@@ -2609,6 +2610,7 @@ x11_input_open(int type, u_int32_t seq, void *ctxt)
                 /* Send refusal to the remote host. */
                 packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
                 packet_put_int(remote_id);
+                xfree(remote_host);
         } else {
                 /* Send a confirmation to the remote host. */
                 packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
diff --git a/monitor.c b/monitor.c
index 694cd630a..2b4168831 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.32 2003/02/16 17:30:33 markus Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.33 2003/03/05 22:33:43 markus Exp $");
 
 #include <openssl/dh.h>
 
@@ -806,8 +806,9 @@ mm_answer_keyallowed(int socket, Buffer *m)
                         fatal("%s: unknown key type %d", __func__, type);
                         break;
                 }
-                key_free(key);
         }
+        if (key != NULL)
+                key_free(key);
 
         /* clear temporarily storage (used by verify) */
         monitor_reset_key_state();
@@ -1204,8 +1205,9 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m)
                 key_blob = blob;
                 key_bloblen = blen;
                 key_blobtype = MM_RSAUSERKEY;
-                key_free(key);
         }
+        if (key != NULL)
+                key_free(key);
 
         mm_append_debug(m);
 
@@ -1246,6 +1248,9 @@ mm_answer_rsa_challenge(int socket, Buffer *m)
         mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m);
 
         monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1);
+
+        xfree(blob);
+        key_free(key);
         return (0);
 }
 
@@ -1276,6 +1281,7 @@ mm_answer_rsa_response(int socket, Buffer *m)
                 fatal("%s: received bad response to challenge", __func__);
         success = auth_rsa_verify_response(key, ssh1_challenge, response);
 
+        xfree(blob);
         key_free(key);
         xfree(response);
 
diff --git a/scp.c b/scp.c
index e44a1cf69..ab67c0bb8 100644
--- a/scp.c
+++ b/scp.c
@@ -75,7 +75,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.101 2003/02/02 10:51:13 markus Exp $");
+RCSID("$OpenBSD: scp.c,v 1.102 2003/03/05 22:33:43 markus Exp $");
 
 #include "xmalloc.h"
 #include "atomicio.h"
@@ -395,10 +395,14 @@ toremote(targ, argc, argv)
                                 suser = argv[i];
                                 if (*suser == '\0')
                                         suser = pwd->pw_name;
-                                else if (!okname(suser))
+                                else if (!okname(suser)) {
+                                        xfree(bp);
                                         continue;
-                                if (tuser && !okname(tuser))
+                                }
+                                if (tuser && !okname(tuser)) {
+                                        xfree(bp);
                                         continue;
+                                }
                                 snprintf(bp, len,
                                     "%s%s %s -n "
                                     "-l %s %s %s %s '%s%s%s:%s'",
diff --git a/session.c b/session.c
index a1586d3b4..ce9db27ef 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.153 2003/02/06 09:26:23 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.154 2003/03/05 22:33:43 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -951,7 +951,7 @@ do_setup_env(Session *s, const char *shell)
 {
         char buf[256];
         u_int i, envsize;
-        char **env;
+        char **env, *laddr;
         struct passwd *pw = s->pw;
 
         /* Initialize the environment. */
@@ -1030,9 +1030,10 @@ do_setup_env(Session *s, const char *shell)
             get_remote_ipaddr(), get_remote_port(), get_local_port());
         child_set_env(&env, &envsize, "SSH_CLIENT", buf);
 
+        laddr = get_local_ipaddr(packet_get_connection_in());
         snprintf(buf, sizeof buf, "%.50s %d %.50s %d",
-            get_remote_ipaddr(), get_remote_port(),
-            get_local_ipaddr(packet_get_connection_in()), get_local_port());
+            get_remote_ipaddr(), get_remote_port(), laddr, get_local_port());
+        xfree(laddr);
         child_set_env(&env, &envsize, "SSH_CONNECTION", buf);
 
         if (s->ttyfd != -1)
diff --git a/sftp-client.c b/sftp-client.c
index 8c12dae11..3b3279e65 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -28,7 +28,7 @@
 /* XXX: copy between two remote sites */
 
 #include "includes.h"
-RCSID("$OpenBSD: sftp-client.c,v 1.41 2003/01/14 10:58:00 djm Exp $");
+RCSID("$OpenBSD: sftp-client.c,v 1.42 2003/03/05 22:33:43 markus Exp $");
 
 #include "openbsd-compat/sys-queue.h"
 
@@ -374,6 +374,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,
                                 error("Couldn't read directory: %s",
                                     fx2txt(status));
                                 do_close(conn, handle, handle_len);
+                                xfree(handle);
                                 return(status);
                         }
                 } else if (type != SSH2_FXP_NAME)
@@ -1113,6 +1114,8 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
                                     remote_path, fx2txt(status));
                                 do_close(conn, handle, handle_len);
                                 close(local_fd);
+                                xfree(data);
+                                xfree(ack);
                                 goto done;
                         }
                         debug3("In write loop, ack for %u %u bytes at %llu",
diff --git a/sftp-int.c b/sftp-int.c
index 013ea84e0..6987de9a3 100644
--- a/sftp-int.c
+++ b/sftp-int.c
@@ -25,7 +25,7 @@
 /* XXX: recursive operations */
 
 #include "includes.h"
-RCSID("$OpenBSD: sftp-int.c,v 1.56 2003/01/16 03:41:55 djm Exp $");
+RCSID("$OpenBSD: sftp-int.c,v 1.57 2003/03/05 22:33:43 markus Exp $");
 
 #include "buffer.h"
 #include "xmalloc.h"
@@ -1104,6 +1104,7 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2)
 
                         err = parse_dispatch_command(conn, cmd, &pwd, 1);
                         xfree(dir);
+                        xfree(pwd);
                         return (err);
                 }
                 xfree(dir);
diff --git a/sftp-server.c b/sftp-server.c
index 4eb31d94e..0c00003f8 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -22,7 +22,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: sftp-server.c,v 1.39 2003/02/06 09:29:18 markus Exp $");
+RCSID("$OpenBSD: sftp-server.c,v 1.40 2003/03/05 22:33:43 markus Exp $");
 
 #include "buffer.h"
 #include "bufaux.h"
@@ -158,7 +158,7 @@ handle_new(int use, char *name, int fd, DIR *dirp)
                         handles[i].use = use;
                         handles[i].dirp = dirp;
                         handles[i].fd = fd;
-                        handles[i].name = name;
+                        handles[i].name = xstrdup(name);
                         return i;
                 }
         }
@@ -230,9 +230,11 @@ handle_close(int handle)
         if (handle_is_ok(handle, HANDLE_FILE)) {
                 ret = close(handles[handle].fd);
                 handles[handle].use = HANDLE_UNUSED;
+                xfree(handles[handle].name);
         } else if (handle_is_ok(handle, HANDLE_DIR)) {
                 ret = closedir(handles[handle].dirp);
                 handles[handle].use = HANDLE_UNUSED;
+                xfree(handles[handle].name);
         } else {
                 errno = ENOENT;
         }
@@ -396,7 +398,7 @@ process_open(void)
         if (fd < 0) {
                 status = errno_to_portable(errno);
         } else {
-                handle = handle_new(HANDLE_FILE, xstrdup(name), fd, NULL);
+                handle = handle_new(HANDLE_FILE, name, fd, NULL);
                 if (handle < 0) {
                         close(fd);
                 } else {
@@ -681,7 +683,7 @@ process_opendir(void)
         if (dirp == NULL) {
                 status = errno_to_portable(errno);
         } else {
-                handle = handle_new(HANDLE_DIR, xstrdup(path), 0, dirp);
+                handle = handle_new(HANDLE_DIR, path, 0, dirp);
                 if (handle < 0) {
                         closedir(dirp);
                 } else {
diff --git a/ssh-add.c b/ssh-add.c
index 0c2ce163c..9adec3094 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.65 2003/01/23 13:50:27 markus Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.66 2003/03/05 22:33:43 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -195,6 +195,7 @@ static int
 update_card(AuthenticationConnection *ac, int add, const char *id)
 {
         char *pin;
+        int ret = -1;
 
         pin = read_passphrase("Enter passphrase for smartcard: ", RP_ALLOW_STDIN);
         if (pin == NULL)
@@ -203,12 +204,14 @@ update_card(AuthenticationConnection *ac, int add, const char *id)
         if (ssh_update_card(ac, add, id, pin)) {
                 fprintf(stderr, "Card %s: %s\n",
                     add ? "added" : "removed", id);
-                return 0;
+                ret = 0;
         } else {
                 fprintf(stderr, "Could not %s card: %s\n",
                     add ? "add" : "remove", id);
-                return -1;
+                ret = -1;
         }
+        xfree(pin);
+        return ret;
 }
 
 static int
diff --git a/sshconnect2.c b/sshconnect2.c
index 81d1b91c7..1f92f0296 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.111 2003/02/16 17:09:57 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.112 2003/03/05 22:33:43 markus Exp $");
 
 #include "ssh.h"
 #include "ssh2.h"
@@ -1014,6 +1014,7 @@ userauth_hostbased(Authctxt *authctxt)
         strlcpy(chost, p, len);
         strlcat(chost, ".", len);
         debug2("userauth_hostbased: chost %s", chost);
+        xfree(p);
 
         service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
             authctxt->service;