bugzilla-daemon at mindrot.org
2023-Feb-13 14:05 UTC
[Bug 3539] New: sshbuf memory leak in recv_rexec_state()
https://bugzilla.mindrot.org/show_bug.cgi?id=3539
Bug ID: 3539
Summary: sshbuf memory leak in recv_rexec_state()
Product: Portable OpenSSH
Version: 9.1p1
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: mbr at cipherdyne.org
Created attachment 3671
--> https://bugzilla.mindrot.org/attachment.cgi?id=3671&action=edit
fix sshbuf memory leak in recv_rexec_state()
In recv_rexec_state() the sshbuf 'inc' is not free'd before
returning.
The attached trivial patch fixes this, and matches the behavior of
send_rexec_state() which does free a similarly allocated buffer of the
same name.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Feb-13 14:10 UTC
[Bug 3539] sshbuf memory leak in recv_rexec_state()
https://bugzilla.mindrot.org/show_bug.cgi?id=3539
Michael Rash <mbr at cipherdyne.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mbr at cipherdyne.org
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Feb-13 14:19 UTC
[Bug 3539] sshbuf memory leak in recv_rexec_state()
https://bugzilla.mindrot.org/show_bug.cgi?id=3539
Michael Rash <mbr at cipherdyne.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #3671|0 |1
is obsolete| |
--- Comment #1 from Michael Rash <mbr at cipherdyne.org> ---
Created attachment 3672
--> https://bugzilla.mindrot.org/attachment.cgi?id=3672&action=edit
fix sshbuf memory leak in recv_rexec_state()
Here is a patch with tabs instead of spaces to align with coding style.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Feb-13 14:21 UTC
[Bug 3539] sshbuf memory leak in recv_rexec_state()
https://bugzilla.mindrot.org/show_bug.cgi?id=3539 --- Comment #2 from Michael Rash <mbr at cipherdyne.org> --- (In reply to Michael Rash from comment #1)> Created attachment 3672 [details] > fix sshbuf memory leak in recv_rexec_state() > > Here is a patch with tabs instead of spaces to align with coding > style.In recv_rexec_state() the sshbuf 'inc' is not free'd before returning. The attached trivial patch fixes this, and matches the behavior of send_rexec_state() which does free a similarly allocated buffer of the same name. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2024-Dec-04 14:45 UTC
[Bug 3539] sshbuf memory leak in recv_rexec_state()
https://bugzilla.mindrot.org/show_bug.cgi?id=3539
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
CC| |djm at mindrot.org
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
This seems to have been fixed when we split sshd into sshd and
sshd-session
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.