upstream commit
fd leaks; report Qualys Security Advisory team; ok
deraadt@
Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
diff --git a/sshconnect.c b/sshconnect.c
index a22710d..356ec79 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.270 2016/01/14 16:17:40 markus Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.271 2016/01/14 22:56:56 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -167,6 +167,7 @@
if ((sock = mm_receive_fd(sp[1])) == -1)
fatal("proxy dialer did not pass back a connection");
+ close(sp[1]);
while (waitpid(pid, NULL, 0) == -1)
if (errno != EINTR)
diff --git a/sshconnect2.c b/sshconnect2.c
index 1f91853..4d426c3 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.236 2016/01/14 16:17:40 markus Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.237 2016/01/14 22:56:56 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -1344,6 +1344,7 @@
if (r != SSH_ERR_AGENT_NO_IDENTITIES)
debug("%s: ssh_fetch_identitylist: %s",
__func__, ssh_err(r));
+ close(agent_fd);
} else {
for (j = 0; j < idlist->nkeys; j++) {
found = 0;