openssh unix dev - Nov 2022 - Memory leak, make_absolute_pwd_glob

We had one more report from Coverity Scan after we brought 9.1p1 into
the FreeBSD base system. It complains that calls like "path1
make_absolute_pwd_glob(path1, *pwd);" in sftp.c leak the allocation.

All make_absolute_pwd_glob() calls but one are of that form, so
perhaps have it consume and free the first arg, as below (and
https://reviews.freebsd.org/D37253)?

diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.cindex
c3c347e087e4..630e7773af75 100644
--- a/crypto/openssh/sftp.c
+++ b/crypto/openssh/sftp.c
@@ -621,14 +621,14 @@ escape_glob(const char *s)
 }

 static char *
-make_absolute_pwd_glob(const char *p, const char *pwd)
+make_absolute_pwd_glob(char *p, const char *pwd)
 {
        char *ret, *escpwd;

        escpwd = escape_glob(pwd);
        if (p == NULL)
                return escpwd;
-       ret = make_absolute(xstrdup(p), escpwd);
+       ret = make_absolute(p, escpwd);
        free(escpwd);
        return ret;
 }
@@ -641,7 +641,7 @@ process_get(struct sftp_conn *conn, const char
*src, const char *dst,
        glob_t g;
        int i, r, err = 0;

-       abs_src = make_absolute_pwd_glob(src, pwd);
+       abs_src = make_absolute_pwd_glob(xstrdup(src), pwd);
        memset(&g, 0, sizeof(g));

        debug3("Looking up %s", abs_src);

On Fri, 11 Nov 2022 at 11:05, Ed Maste <emaste at freebsd.org>
wrote:
>
> We had one more report from Coverity Scan after we brought 9.1p1 into
> the FreeBSD base system. It complains that calls like "path1 >
make_absolute_pwd_glob(path1, *pwd);" in sftp.c leak the allocation.
I see this same issue has since been reported by Coverity upstream and
fixed in 36c6c3eff5e4, but that change still missed all of the other
leaks addressed by my change.

Updated patch in https://reviews.freebsd.org/D37253