search for: kylene

The variable local_user was allocated by xstrdup and is not freed or pointed to in this branch. This patch adds the xfree. This entire set of patches passed the regression tests on my system. Bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- sshconnect.c | 1 + 1 files changed, 1 insertion(+) diff -uprN openssh-4.3p2/sshconnect.c openssh-4.3p2-kylie/sshconnect.c --- openssh-4.3p2/sshconnect.c 2005-12-13 02:29:03.000000000 -0600 +++ openssh-4.3p2-kylie/sshconnect.c 2006-05-04 10:07:57.000000000 -...

...in CMP, therefore, IV should be checked before sending it to this macro. This patch adds what is common in other parts of the code but is missing on this particular check. This entire set of patches passed the regression tests on my system. Null dereference bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- deattack.c | 2 +- 1 files changed, 1 insertion(+), 1 deletion(-) diff -uprN openssh-4.3p2/deattack.c openssh-4.3p2-kylie/deattack.c --- openssh-4.3p2/deattack.c 2003-09-22 06:04:23.000000000 -0500 +++ openssh-4.3p2-kylie/deattack.c 2006-05-04 15:10:19.00000...

...e value as an array index thus not being able to handle negative values. This patch adds the return code check and provides an appropriate error exit in the event of a negative return code. This entire set of patches passed the regression tests on my system. Bugs found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- sftp-server.c | 27 +++++++++++++++++++++++++-- 1 files changed, 25 insertions(+), 2 deletions(-) diff -uprN openssh-4.3p2/sftp-server.c openssh-4.3p2-kylie/sftp-server.c --- openssh-4.3p2/sftp-server.c 2006-01-02 06:40:51.000000000 -0600 +++ openssh-4.3p2-ky...

...d is xmalloc'd by buffer_get_string. It is then used in some places but never freed. This patch places the xfree after the last usage and within the confines of all paths. This entire set of patches passed the regression tests on my system. Memory leak bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- clientloop.c | 2 ++ 1 files changed, 2 insertions(+) diff -uprN openssh-4.3p2/clientloop.c openssh-4.3p2-kylie/clientloop.c --- openssh-4.3p2/clientloop.c 2005-12-30 23:22:32.000000000 -0600 +++ openssh-4.3p2-kylie/clientloop.c 2006-05-04 10:36:49.000000000...

The file descriptor f is not closed in this error path. This patch adds the fclose as is customary in the rest of the function. This entire set of patches passed the regression tests on my system. Resource leak bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- hostfile.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletion(-) diff -uprN openssh-4.3p2/hostfile.c openssh-4.3p2-kylie/hostfile.c --- openssh-4.3p2/hostfile.c 2005-11-22 02:43:27.000000000 -0600 +++ openssh-4.3p2-kylie/hostfile.c 2006-05-04 13:51:10.00...

...xmalloc'ed with buffer_get_string. In the allowed case these variables are pointed to by variables with a greater scope thus the reason this is a condtional leak. This entire set of patches passed the regression tests on my system. Resource leak bugs found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- monitor.c | 4 ++++ 1 files changed, 4 insertions(+) diff -uprN openssh-4.3p2/monitor.c openssh-4.3p2-kylie/monitor.c --- openssh-4.3p2/monitor.c 2005-11-04 22:07:05.000000000 -0600 +++ openssh-4.3p2-kylie/monitor.c 2006-05-08 17:18:15.697809744 -0500 @@ -10...

...tion. The second bug is a memory leak. arg is allocated with xstrdup. It is the assigned in some paths to another local variable but neither are ever freed. This patch adds the xfree. This entire set of patches passed the regression tests on my system. Bugs found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- scp.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletion(-) diff -uprN openssh-4.3p2/scp.c openssh-4.3p2-kylie/scp.c --- openssh-4.3p2/scp.c 2006-01-31 05:11:38.000000000 -0600 +++ openssh-4.3p2-kylie/scp.c 2006-05-08 15:15:04.016516104 -0500 @@ -181,7 +...

cancel_address is allocated in packet_get_string and used in the call to channel_cancel_rport_listener and then it goes out of scope. This patch adds the xfree. This entire set of patches passed the regression tests on my system. Resource leak bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- serverloop.c | 1 + 1 files changed, 1 insertion(+) diff -uprN openssh-4.3p2/serverloop.c openssh-4.3p2-kylie/serverloop.c --- openssh-4.3p2/serverloop.c 2005-12-30 23:33:37.000000000 -0600 +++ openssh-4.3p2-kylie/serverloop.c 2006-05-03 16:52:06.000000000...

...remenants (which have already been freed) to avoid using an already freed pointer in the assignment comment = cp ? *cp : comment. When the code path is such that comment has not been reset. This entire set of patches passed the regression tests on my system. Bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- ssh-keygen.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletion(-) diff -uprN openssh-4.3p2/ssh-keygen.c openssh-4.3p2-kylie/ssh-keygen.c --- openssh-4.3p2/ssh-keygen.c 2005-11-28 20:10:25.000000000 -0600 +++ openssh-4.3p2-kylie/ssh-keygen.c 2006-05-03...

...of the function's operations depend on this directory being created thus an error should be handled at this point. The second is f is never closed. This patch adds the needed fclose. This entire set of patches passed the regression tests on my system. Bugs found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- ssh-rand-helper.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletion(-) diff -uprN openssh-4.3p2/ssh-rand-helper.c openssh-4.3p2-kylie/ssh-rand-helper.c --- openssh-4.3p2/ssh-rand-helper.c 2005-07-17 02:26:44.000000000 -0500 +++ openssh-4.3p2-kylie/ssh...

...it is on the second call. The second bug is deadcode. The abs_dst variable has always been freed by the time the value is checked to call xfree before return. This patch fixes both bugs. This entire set of patches passed the regression tests on my system. Bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- sftp.c | 5 ++--- 1 files changed, 2 insertions(+), 3 deletions(-) diff -uprN openssh-4.3p2/sftp.c openssh-4.3p2-kylie/sftp.c --- openssh-4.3p2/sftp.c 2006-01-31 04:49:28.000000000 -0600 +++ openssh-4.3p2-kylie/sftp.c 2006-05-08 15:01:49.907239064 -0500 @...

..., NULL could be sent to the key_free function which will not handle it correctly. The fix is to move key_free to a place where you know key is not NULL. This patch moves the key_free call. This entire set of patches passed the regression tests on my system. Bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- ssh-agent.c | 2 +- 1 files changed, 1 insertion(+), 1 deletion(-) diff -uprN openssh-4.3p2/ssh-agent.c openssh-4.3p2-kylie/ssh-agent.c --- openssh-4.3p2/ssh-agent.c 2005-11-04 22:15:00.000000000 -0600 +++ openssh-4.3p2-kylie/ssh-agent.c 2006-05-04 15:05:48....