1 files changed, 7 insertions, 5 deletions

diff --git a/ssh.c b/ssh.c
index 851d85b50..8931ecf81 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.513 2020/01/23 10:24:29 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.514 2020/01/25 00:03:36 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2072,7 +2072,8 @@ load_public_identity_files(struct passwd *pw)
         struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES];
         int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES];
 #ifdef ENABLE_PKCS11
-        struct sshkey **keys;
+        struct sshkey **keys = NULL;
+        char **comments = NULL;
         int nkeys;
 #endif /* PKCS11 */
 
@@ -2091,18 +2092,19 @@ load_public_identity_files(struct passwd *pw)
             options.num_identity_files < SSH_MAX_IDENTITY_FILES &&
             (pkcs11_init(!options.batch_mode) == 0) &&
             (nkeys = pkcs11_add_provider(options.pkcs11_provider, NULL,
-            &keys)) > 0) {
+            &keys, &comments)) > 0) {
                 for (i = 0; i < nkeys; i++) {
                         if (n_ids >= SSH_MAX_IDENTITY_FILES) {
                                 sshkey_free(keys[i]);
+                                free(comments[i]);
                                 continue;
                         }
                         identity_keys[n_ids] = keys[i];
-                        identity_files[n_ids] =
-                            xstrdup(options.pkcs11_provider); /* XXX */
+                        identity_files[n_ids] = comments[i]; /* transferred */
                         n_ids++;
                 }
                 free(keys);
+                free(comments);
         }
 #endif /* ENABLE_PKCS11 */
         for (i = 0; i < options.num_identity_files; i++) {