openssh unix dev - Nov 2022 - Potential memory leak with channel_request_remote_forwarding

Dear openssh-unix-dev,

I think it is not necessary to call xstrdup on the parameters for
permission_set_add as they are duplicated there too with MAYBE_DUP.
It is possible to simplify the branching a little further.
Found by CodeChecker.

mbuhl


Index: channels.c
==================================================================RCS file:
/cvs/src/usr.bin/ssh/channels.c,v
retrieving revision 1.420
diff -u -p -r1.420 channels.c
--- channels.c	19 Sep 2022 08:49:50 -0000	1.420
+++ channels.c	13 Nov 2022 21:48:37 -0000
@@ -4063,18 +4063,18 @@ channel_request_remote_forwarding(struct
 		host_to_connect = listen_host = listen_path = NULL;
 		port_to_connect = listen_port = 0;
 		if (fwd->connect_path != NULL) {
-			host_to_connect = xstrdup(fwd->connect_path);
+			host_to_connect = fwd->connect_path;
 			port_to_connect = PORT_STREAMLOCAL;
 		} else {
-			host_to_connect = xstrdup(fwd->connect_host);
+			host_to_connect = fwd->connect_host;
 			port_to_connect = fwd->connect_port;
 		}
 		if (fwd->listen_path != NULL) {
-			listen_path = xstrdup(fwd->listen_path);
+			listen_path = fwd->listen_path;
 			listen_port = PORT_STREAMLOCAL;
 		} else {
 			if (fwd->listen_host != NULL)
-				listen_host = xstrdup(fwd->listen_host);
+				listen_host = fwd->listen_host;
 			listen_port = fwd->listen_port;
 		}
 		idx = permission_set_add(ssh, FORWARD_USER, FORWARD_LOCAL,

ok djm, but could you mark these as const in their declaration
at the start of the function? It's a useful hint...

On Sun, 13 Nov 2022, Moritz Buhl wrote:
> Dear openssh-unix-dev,
> 
> I think it is not necessary to call xstrdup on the parameters for
> permission_set_add as they are duplicated there too with MAYBE_DUP.
> It is possible to simplify the branching a little further.
> Found by CodeChecker.
> 
> mbuhl
> 
> 
> Index: channels.c
> ==================================================================> RCS
file: /cvs/src/usr.bin/ssh/channels.c,v
> retrieving revision 1.420
> diff -u -p -r1.420 channels.c
> --- channels.c	19 Sep 2022 08:49:50 -0000	1.420
> +++ channels.c	13 Nov 2022 21:48:37 -0000
> @@ -4063,18 +4063,18 @@ channel_request_remote_forwarding(struct
>  		host_to_connect = listen_host = listen_path = NULL;
>  		port_to_connect = listen_port = 0;
>  		if (fwd->connect_path != NULL) {
> -			host_to_connect = xstrdup(fwd->connect_path);
> +			host_to_connect = fwd->connect_path;
>  			port_to_connect = PORT_STREAMLOCAL;
>  		} else {
> -			host_to_connect = xstrdup(fwd->connect_host);
> +			host_to_connect = fwd->connect_host;
>  			port_to_connect = fwd->connect_port;
>  		}
>  		if (fwd->listen_path != NULL) {
> -			listen_path = xstrdup(fwd->listen_path);
> +			listen_path = fwd->listen_path;
>  			listen_port = PORT_STREAMLOCAL;
>  		} else {
>  			if (fwd->listen_host != NULL)
> -				listen_host = xstrdup(fwd->listen_host);
> +				listen_host = fwd->listen_host;
>  			listen_port = fwd->listen_port;
>  		}
>  		idx = permission_set_add(ssh, FORWARD_USER, FORWARD_LOCAL,
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>