Bug 1048 - scp.c xstrdup() memory leak?
Summary: scp.c xstrdup() memory leak?
Status: CLOSED INVALID
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: scp (show other bugs)
Version: 4.1p1
Hardware: All All
: P2 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-05-29 00:43 AEST by flatline
Modified: 2006-10-07 11:40 AEST (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description flatline 2005-05-29 00:43:53 AEST 
20050403
 - (djm) OpenBSD CVS Sync
   - deraadt@cvs.openbsd.org 2005/03/31 18:39:21
     [scp.c]
     copy argv[] element instead of smashing the one that ps will see; ok otto

This addition uses xstrdup(), but fails to free the allocated buffer after use. 
I'm not sure how much of an impact this could have, but perhaps it could lead 
to a memory starvation DoS. I'm not including a patch here since the fix is too 
obvious.

Regards,
flatline
Comment 1 Damien Miller 2005-06-03 12:06:50 AEST 
obviously wrong. Think about it.
Comment 2 Darren Tucker 2006-10-07 11:40:32 AEST 
Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.