git: 666605ad2df3 - main - ssh-keygen: fix double free in error path
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 04 Oct 2022 21:17:24 UTC
The branch main has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=666605ad2df3f5c1fb973dbd719ffbe3f3935c1d
commit 666605ad2df3f5c1fb973dbd719ffbe3f3935c1d
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2022-10-04 20:31:39 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2022-10-04 20:33:11 +0000
ssh-keygen: fix double free in error path
From OpenSSH-portable commit 5062ad48814b, OpenBSD commit 39f35e16ba87.
MFC after: 3 days
---
crypto/openssh/sshsig.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/crypto/openssh/sshsig.c b/crypto/openssh/sshsig.c
index 1e3b63982ba8..eb2a931e9c18 100644
--- a/crypto/openssh/sshsig.c
+++ b/crypto/openssh/sshsig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshsig.c,v 1.29 2022/03/30 04:27:51 djm Exp $ */
+/* $OpenBSD: sshsig.c,v 1.30 2022/08/19 03:06:30 djm Exp $ */
/*
* Copyright (c) 2019 Google LLC
*
@@ -491,7 +491,7 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp)
{
char *hex, rbuf[8192], hash[SSH_DIGEST_MAX_LENGTH];
ssize_t n, total = 0;
- struct ssh_digest_ctx *ctx;
+ struct ssh_digest_ctx *ctx = NULL;
int alg, oerrno, r = SSH_ERR_INTERNAL_ERROR;
struct sshbuf *b = NULL;
@@ -514,7 +514,6 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp)
continue;
oerrno = errno;
error_f("read: %s", strerror(errno));
- ssh_digest_free(ctx);
errno = oerrno;
r = SSH_ERR_SYSTEM_ERROR;
goto out;
@@ -549,9 +548,11 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp)
/* success */
r = 0;
out:
+ oerrno = errno;
sshbuf_free(b);
ssh_digest_free(ctx);
explicit_bzero(hash, sizeof(hash));
+ errno = oerrno;
return r;
}