bugzilla-daemon at mindrot.org
2005-May-28 14:43 UTC
[Bug 1048] scp.c xstrdup() memory leak?
http://bugzilla.mindrot.org/show_bug.cgi?id=1048
Summary: scp.c xstrdup() memory leak?
Product: Portable OpenSSH
Version: 4.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: scp
AssignedTo: bitbucket at mindrot.org
ReportedBy: flatline at greyhat.nl
20050403
- (djm) OpenBSD CVS Sync
- deraadt at cvs.openbsd.org 2005/03/31 18:39:21
[scp.c]
copy argv[] element instead of smashing the one that ps will see; ok otto
This addition uses xstrdup(), but fails to free the allocated buffer after use.
I'm not sure how much of an impact this could have, but perhaps it could
lead
to a memory starvation DoS. I'm not including a patch here since the fix is
too
obvious.
Regards,
flatline
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Jun-03 02:06 UTC
[Bug 1048] scp.c xstrdup() memory leak?
http://bugzilla.mindrot.org/show_bug.cgi?id=1048
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From djm at mindrot.org 2005-06-03 12:06 -------
obviously wrong. Think about it.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.