The variable cmd is xmalloc'd by buffer_get_string. It is then used in some places but never freed. This patch places the xfree after the last usage and within the confines of all paths. This entire set of patches passed the regression tests on my system. Memory leak bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- clientloop.c | 2 ++ 1 files changed, 2 insertions(+) diff -uprN openssh-4.3p2/clientloop.c openssh-4.3p2-kylie/clientloop.c --- openssh-4.3p2/clientloop.c 2005-12-30 23:22:32.000000000 -0600 +++ openssh-4.3p2-kylie/clientloop.c 2006-05-04 10:36:49.000000000 -0500 @@ -833,6 +833,8 @@ client_process_control(fd_set * readset) debug2("%s: accepted tty %d, subsys %d, cmd %s", __func__, cctx->want_tty, cctx->want_subsys, cmd); + xfree(cmd); + /* Gather fds from client */ new_fd[0] = mm_receive_fd(client_fd); new_fd[1] = mm_receive_fd(client_fd);