diff --git a/hostfile.c b/hostfile.c index ce00cd713..a035b3813 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.91 2021/07/05 01:16:46 dtucker Exp $ */ +/* $OpenBSD: hostfile.c,v 1.92 2021/10/02 03:17:01 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -118,7 +118,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) struct ssh_hmac_ctx *ctx; u_char salt[256], result[256]; char uu_salt[512], uu_result[512]; - static char encoded[1024]; + char *encoded = NULL; u_int len; len = ssh_digest_bytes(SSH_DIGEST_SHA1); @@ -143,9 +143,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 || __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1) fatal_f("__b64_ntop failed"); - - snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt, - HASH_DELIM, uu_result); + xasprintf(&encoded, "%s%s%c%s", HASH_MAGIC, uu_salt, HASH_DELIM, + uu_result); return (encoded); } @@ -456,6 +455,7 @@ write_host_entry(FILE *f, const char *host, const char *ip, else { fprintf(f, "%s ", lhost); } + free(hashed_host); free(lhost); if ((r = sshkey_write(key, f)) == 0) success = 1; @@ -730,8 +730,8 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip, static int match_maybe_hashed(const char *host, const char *names, int *was_hashed) { - int hashed = *names == HASH_DELIM; - const char *hashed_host; + int hashed = *names == HASH_DELIM, ret; + char *hashed_host = NULL; size_t nlen = strlen(names); if (was_hashed != NULL) @@ -739,8 +739,10 @@ match_maybe_hashed(const char *host, const char *names, int *was_hashed) if (hashed) { if ((hashed_host = host_hash(host, names, nlen)) == NULL) return -1; - return nlen == strlen(hashed_host) && - strncmp(hashed_host, names, nlen) == 0; + ret = (nlen == strlen(hashed_host) && + strncmp(hashed_host, names, nlen) == 0); + free(hashed_host); + return ret; } return match_hostname(host, names) == 1; } diff --git a/ssh-keygen.c b/ssh-keygen.c index 4b40768d5..9b912f0a5 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.437 2021/09/08 03:23:44 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.438 2021/10/02 03:17:01 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -1203,6 +1203,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx) if ((hashed = host_hash(cp, NULL, 0)) == NULL) fatal("hash_host failed"); fprintf(ctx->out, "%s %s\n", hashed, l->rawkey); + free(hashed); ctx->has_unhashed = 1; } free(ohosts); diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 7abbcbff5..d688b3c34 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.139 2021/01/27 09:26:54 djm Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.140 2021/10/02 03:17:01 dtucker Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -305,8 +305,8 @@ keygrab_ssh2(con *c) static void keyprint_one(const char *host, struct sshkey *key) { - char *hostport; - const char *known_host, *hashed; + char *hostport = NULL, *hashed = NULL; + const char *known_host; found_one = 1; @@ -324,6 +324,7 @@ keyprint_one(const char *host, struct sshkey *key) fprintf(stdout, "%s ", known_host); sshkey_write(key, stdout); fputs("\n", stdout); + free(hashed); free(hostport); }