git: 02c646bb7288 - stable/13 - ssh-keygen: fix double free in error path
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 07 Oct 2022 01:39:43 UTC
The branch stable/13 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=02c646bb7288986912ad7bbe410636d0e257eda9 commit 02c646bb7288986912ad7bbe410636d0e257eda9 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2022-10-04 20:31:39 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2022-10-07 01:39:00 +0000 ssh-keygen: fix double free in error path From OpenSSH-portable commit 5062ad48814b, OpenBSD commit 39f35e16ba87. MFC after: 3 days (cherry picked from commit 666605ad2df3f5c1fb973dbd719ffbe3f3935c1d) --- crypto/openssh/sshsig.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/crypto/openssh/sshsig.c b/crypto/openssh/sshsig.c index 1e3b63982ba8..eb2a931e9c18 100644 --- a/crypto/openssh/sshsig.c +++ b/crypto/openssh/sshsig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshsig.c,v 1.29 2022/03/30 04:27:51 djm Exp $ */ +/* $OpenBSD: sshsig.c,v 1.30 2022/08/19 03:06:30 djm Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -491,7 +491,7 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp) { char *hex, rbuf[8192], hash[SSH_DIGEST_MAX_LENGTH]; ssize_t n, total = 0; - struct ssh_digest_ctx *ctx; + struct ssh_digest_ctx *ctx = NULL; int alg, oerrno, r = SSH_ERR_INTERNAL_ERROR; struct sshbuf *b = NULL; @@ -514,7 +514,6 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp) continue; oerrno = errno; error_f("read: %s", strerror(errno)); - ssh_digest_free(ctx); errno = oerrno; r = SSH_ERR_SYSTEM_ERROR; goto out; @@ -549,9 +548,11 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp) /* success */ r = 0; out: + oerrno = errno; sshbuf_free(b); ssh_digest_free(ctx); explicit_bzero(hash, sizeof(hash)); + errno = oerrno; return r; }