[prev in list] [next in list] [prev in thread] [next in thread]
List: openssh-unix-dev
Subject: [PATCH] Potential leak of memory in ssh_packet_read_seqnr()
From: "Albert S." <mail () quitesimple ! org>
Date: 2017-01-07 11:44:03
Message-ID: a599a418-374f-e2cb-56fa-07b741b7529a () quitesimple ! org
[Download RAW message or body]
Currently there is a case where ssh_packet_read_seqnr returns without
calling free(setp).
This patch ensures that free gets called before returning.
diff --git a/packet.c b/packet.c
index ad1f6b49..47a1b951 100644
--- a/packet.c
+++ b/packet.c
@@ -1447,8 +1447,10 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char
*typep, u_int32_t *seqnr_p)
break;
}
}
- if (r == 0)
- return SSH_ERR_CONN_TIMEOUT;
+ if (r == 0) {
+ r = SSH_ERR_CONN_TIMEOUT;
+ goto out;
+ }
/* Read data from the socket. */
len = read(state->connection_in, buf, sizeof(buf));
if (len == 0) {
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic