From 47d11734e1303b1705f9fc23ee93776db2c47d65 Mon Sep 17 00:00:00 2001
From: Aris Adamantiadis <aris@0xbadc0de.be>
Date: Sun, 19 Dec 2010 12:33:31 +0100
Subject: [PATCH] Fix free() on uninitialized data on some cases.

---
 src/kex.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/kex.c b/src/kex.c
index 2198652d..38869344 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -256,6 +256,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){
   enter_function();
   (void)type;
   (void)user;
+  memset(strings, 0, sizeof(strings));
   if(session->session_state != SSH_SESSION_STATE_INITIAL_KEX){
   	ssh_set_error(session,SSH_FATAL,"SSH_KEXINIT received in wrong state");
   	goto error;
@@ -282,8 +283,6 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){
       }
   }
 
-  memset(strings, 0, sizeof(char *) * 10);
-
   for (i = 0; i < 10; i++) {
     str = buffer_get_ssh_string(packet);
     if (str == NULL) {