- markus@cvs.openbsd.org 2006/05/17 12:43:34
[scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
fix leak; coverity via Kylene Jo Hall
diff --git a/ChangeLog b/ChangeLog
index a4579b9..ff7e97c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,9 @@
- markus@cvs.openbsd.org 2006/05/16 09:00:00
[clientloop.c]
missing free; from Kylene Hall
+ - markus@cvs.openbsd.org 2006/05/17 12:43:34
+ [scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
+ fix leak; coverity via Kylene Jo Hall
20060521
- (dtucker) [auth.c monitor.c] Now that we don't log from both the monitor
@@ -4640,4 +4643,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.4332 2006/06/13 03:00:09 djm Exp $
+$Id: ChangeLog,v 1.4333 2006/06/13 03:00:25 djm Exp $
diff --git a/scp.c b/scp.c
index 2778f8f..e533297 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.141 2006/04/01 05:50:29 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.142 2006/05/17 12:43:34 markus Exp $ */
/*
* scp - secure remote copy. This is basically patched BSD rcp which
* uses ssh to do the data transfer (instead of using rcmd).
@@ -193,7 +193,8 @@
* Reserve two descriptors so that the real pipes won't get
* descriptors 0 and 1 because that will screw up dup2 below.
*/
- pipe(reserved);
+ if (pipe(reserved) < 0)
+ fatal("pipe: %s", strerror(errno));
/* Create a socket pair for communicating with ssh. */
if (pipe(pin) < 0)
@@ -499,6 +500,7 @@
source(1, argv + i);
}
}
+ xfree(arg);
}
void
diff --git a/sftp.c b/sftp.c
index 0cc3a47..22fa6ad 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.81 2006/04/20 21:53:44 djm Exp $ */
+/* $OpenBSD: sftp.c,v 1.82 2006/05/17 12:43:34 markus Exp $ */
/*
* Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
*
@@ -548,6 +548,7 @@
if (g.gl_matchc == 1 && dst) {
/* If directory specified, append filename */
+ xfree(tmp);
if (is_dir(dst)) {
if (infer_path(g.gl_pathv[0], &tmp)) {
err = 1;
@@ -572,8 +573,6 @@
out:
xfree(abs_src);
- if (abs_dst)
- xfree(abs_dst);
globfree(&g);
return(err);
}
diff --git a/ssh-agent.c b/ssh-agent.c
index 681c302..656e399 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.137 2006/03/30 09:58:16 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.138 2006/05/17 12:43:34 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -315,8 +315,8 @@
Identity *id = lookup_identity(key, 2);
if (id != NULL && (!id->confirm || confirm_key(id) == 0))
ok = key_sign(id->key, &signature, &slen, data, dlen);
+ key_free(key);
}
- key_free(key);
buffer_init(&msg);
if (ok == 0) {
buffer_put_char(&msg, SSH2_AGENT_SIGN_RESPONSE);
diff --git a/ssh-keygen.c b/ssh-keygen.c
index ef41751..e06ae1a 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.143 2006/03/30 11:05:17 dtucker Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.144 2006/05/17 12:43:34 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -514,8 +514,10 @@
xfree(fp);
exit(0);
}
- if (comment)
+ if (comment) {
xfree(comment);
+ comment = NULL;
+ }
f = fopen(identity_file, "r");
if (f != NULL) {
diff --git a/sshconnect.c b/sshconnect.c
index 5f2ad1c..e855f19 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.181 2006/04/20 09:47:59 markus Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.182 2006/05/17 12:43:34 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -928,6 +928,7 @@
ssh_kex(host, hostaddr);
ssh_userauth1(local_user, server_user, host, sensitive);
}
+ xfree(local_user);
}
void