lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-29 01:03:57 +03:00
Code Activity

dh-gex: Correctly free modulus and generator with openssl

Browse Source 
Fixes T176

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
This commit is contained in:
Jakub Jelen
2019-09-20 13:13:07 +02:00
parent 2f05243a4a
commit aac682f60e
1 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/dh-gex.c
View File

@@ -107,7 +107,7 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_group)
int blen; int blen;
bignum pmin1 = NULL, one = NULL; bignum pmin1 = NULL, one = NULL;
bignum_CTX ctx = bignum_ctx_new(); bignum_CTX ctx = bignum_ctx_new();
bignum modulus, generator; bignum modulus = NULL, generator = NULL;
const_bignum pubkey; const_bignum pubkey;
(void) type; (void) type;
(void) user; (void) user;
@@ -179,14 +179,18 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_group)
bignum_ctx_free(ctx); bignum_ctx_free(ctx);
ctx = NULL; ctx = NULL;
/* all checks passed, set parameters */ /* all checks passed, set parameters (the BNs are copied in openssl backend) */
rc = ssh_dh_set_parameters(session->next_crypto->dh_ctx, rc = ssh_dh_set_parameters(session->next_crypto->dh_ctx,
modulus, generator); modulus, generator);
if (rc != SSH_OK) { if (rc != SSH_OK) {
bignum_safe_free(modulus);
bignum_safe_free(generator);
goto error; goto error;
} }
#ifdef HAVE_LIBCRYPTO
bignum_safe_free(modulus);
bignum_safe_free(generator);
#endif
modulus = NULL;
generator = NULL;
/* compute and send DH public parameter */ /* compute and send DH public parameter */
rc = ssh_dh_keypair_gen_keys(session->next_crypto->dh_ctx, rc = ssh_dh_keypair_gen_keys(session->next_crypto->dh_ctx,
@@ -221,6 +225,8 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_group)
return SSH_PACKET_USED; return SSH_PACKET_USED;
error: error:
bignum_safe_free(modulus);
bignum_safe_free(generator);
bignum_safe_free(one); bignum_safe_free(one);
bignum_safe_free(pmin1); bignum_safe_free(pmin1);
if(!bignum_ctx_invalid(ctx)) { if(!bignum_ctx_invalid(ctx)) {
@@ -642,8 +648,8 @@ static SSH_PACKET_CALLBACK(ssh_packet_server_dhgex_request)
generator); generator);
#ifdef HAVE_LIBCRYPTO #ifdef HAVE_LIBCRYPTO
bignum_safe_free(generator); bignum_safe_free(generator);
bignum_safe_free(modulus); bignum_safe_free(modulus);
#endif #endif
if (rc != SSH_OK) { if (rc != SSH_OK) {