mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-23 18:32:26 +00:00
- stevesk@cvs.openbsd.org 2005/10/17 13:45:05
[dns.c] fix memory leaks from 2 sources: 1) key_fingerprint_raw() 2) malloc in dns_read_rdata() ok jakob@
This commit is contained in:
parent
c1af1d5f40
commit
6571249074
13
dns.c
13
dns.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $ */
|
||||
/* $OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
|
||||
@ -41,7 +41,7 @@
|
||||
#include "dns.h"
|
||||
#include "log.h"
|
||||
|
||||
RCSID("$OpenBSD: dns.c,v 1.13 2005/10/13 19:13:41 stevesk Exp $");
|
||||
RCSID("$OpenBSD: dns.c,v 1.14 2005/10/17 13:45:05 stevesk Exp $");
|
||||
|
||||
#ifndef LWRES
|
||||
static const char *errset_text[] = {
|
||||
@ -93,12 +93,14 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type,
|
||||
*algorithm = SSHFP_KEY_DSA;
|
||||
break;
|
||||
default:
|
||||
*algorithm = SSHFP_KEY_RESERVED;
|
||||
*algorithm = SSHFP_KEY_RESERVED; /* 0 */
|
||||
}
|
||||
|
||||
if (*algorithm) {
|
||||
*digest_type = SSHFP_HASH_SHA1;
|
||||
*digest = key_fingerprint_raw(key, SSH_FP_SHA1, digest_len);
|
||||
if (*digest == NULL)
|
||||
fatal("dns_read_key: null from key_fingerprint_raw()");
|
||||
success = 1;
|
||||
} else {
|
||||
*digest_type = SSHFP_HASH_RESERVED;
|
||||
@ -131,7 +133,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
|
||||
*digest = (u_char *) xmalloc(*digest_len);
|
||||
memcpy(*digest, rdata + 2, *digest_len);
|
||||
} else {
|
||||
*digest = NULL;
|
||||
*digest = xstrdup("");
|
||||
}
|
||||
|
||||
success = 1;
|
||||
@ -245,8 +247,10 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
|
||||
*flags |= DNS_VERIFY_MATCH;
|
||||
}
|
||||
}
|
||||
xfree(dnskey_digest);
|
||||
}
|
||||
|
||||
xfree(hostkey_digest); /* from key_fingerprint_raw() */
|
||||
freerrset(fingerprints);
|
||||
|
||||
if (*flags & DNS_VERIFY_FOUND)
|
||||
@ -289,6 +293,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic)
|
||||
for (i = 0; i < rdata_digest_len; i++)
|
||||
fprintf(f, "%02x", rdata_digest[i]);
|
||||
fprintf(f, "\n");
|
||||
xfree(rdata_digest); /* from key_fingerprint_raw() */
|
||||
success = 1;
|
||||
} else {
|
||||
error("dns_export_rr: unsupported algorithm");
|
||||
|
Loading…
Reference in New Issue
Block a user