- stevesk@cvs.openbsd.org 2005/10/17 13:45:05
[dns.c]
fix memory leaks from 2 sources:
1) key_fingerprint_raw()
2) malloc in dns_read_rdata()
ok jakob@
diff --git a/dns.c b/dns.c
index a62f439..4ff9ef3 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $ */
+/* $OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -41,7 +41,7 @@
#include "dns.h"
#include "log.h"
-RCSID("$OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $");
+RCSID("$OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $");
#ifndef LWRES
static const char *errset_text[] = {
@@ -93,12 +93,14 @@
*algorithm = SSHFP_KEY_DSA;
break;
default:
- *algorithm = SSHFP_KEY_RESERVED;
+ *algorithm = SSHFP_KEY_RESERVED; /* 0 */
}
if (*algorithm) {
*digest_type = SSHFP_HASH_SHA1;
*digest = key_fingerprint_raw(key, SSH_FP_SHA1, digest_len);
+ if (*digest == NULL)
+ fatal("dns_read_key: null from key_fingerprint_raw()");
success = 1;
} else {
*digest_type = SSHFP_HASH_RESERVED;
@@ -131,7 +133,7 @@
*digest = (u_char *) xmalloc(*digest_len);
memcpy(*digest, rdata + 2, *digest_len);
} else {
- *digest = NULL;
+ *digest = xstrdup("");
}
success = 1;
@@ -245,8 +247,10 @@
*flags |= DNS_VERIFY_MATCH;
}
}
+ xfree(dnskey_digest);
}
+ xfree(hostkey_digest); /* from key_fingerprint_raw() */
freerrset(fingerprints);
if (*flags & DNS_VERIFY_FOUND)
@@ -289,6 +293,7 @@
for (i = 0; i < rdata_digest_len; i++)
fprintf(f, "%02x", rdata_digest[i]);
fprintf(f, "\n");
+ xfree(rdata_digest); /* from key_fingerprint_raw() */
success = 1;
} else {
error("dns_export_rr: unsupported algorithm");