Bug 2003 - [mux.c] fix memory leaks when new session message is malformed
Summary: [mux.c] fix memory leaks when new session message is malformed
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 6.0p1
Hardware: All All
: P2 critical
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_6_1
  Show dependency treegraph
 
Reported: 2012-05-03 04:10 AEST by Bert Wesarg
Modified: 2015-08-11 23:03 AEST (History)
1 user (show)

See Also:

Attachments
Patch fixing memory leak (2.21 KB, patch)
2012-05-03 04:10 AEST, Bert Wesarg 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Bert Wesarg 2012-05-03 04:10:07 AEST 
Created attachment 2148 [details]
Patch fixing memory leak

The malf: exception block is also used when extracting the environments
for the new session, therefor we need also to free those if it fails.

Also free the context object in two cleanup blocks.

I set the severity to critical because this could be used to DOS the muxserver by leaking memory in them.
Comment 1 Damien Miller 2012-07-06 11:37:36 AEST 
patch applied - thanks.
Comment 2 Damien Miller 2015-08-11 23:03:55 AEST 
Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1