| Summary: | Memory leak in userauth_pubkey | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Colin Watson <cjwatson> | ||||
| Component: | sshd | Assignee: | Assigned to nobody <unassigned-bugs> | ||||
| Status: | CLOSED FIXED | ||||||
| Severity: | normal | CC: | djm | ||||
| Priority: | P5 | ||||||
| Version: | -current | ||||||
| Hardware: | Other | ||||||
| OS: | Linux | ||||||
| Bug Depends on: | |||||||
| Bug Blocks: | 2852 | ||||||
| Attachments: |
|
||||||
This was committed back in August and made the openssh-7.8 release Close RESOLVED bugs with the release of openssh-8.0 |
Created attachment 3171 [details] Fix memory leak in userauth_pubkey While reviewing a backport of commit 74287f5df9966a0648b4a68417451dd18f079ab8 (OpenBSD b4891882fbe413f230fe8ac8a37349b03bd0b70d; the "delay bailout for invalid authenticating user" patch), I noticed that the change to initialise b to NULL didn't seem to be paired with corresponding cleanup code in the way that I'd expect. I think there's a memory leak on one error path. Patch attached (only compile-tested).