- markus@cvs.openbsd.org 2003/09/18 07:56:05

     [authfile.c]
     missing  buffer_free(&encrypted); #662; zardoz at users.sf.net

diff --git a/ChangeLog b/ChangeLog
index 5e9b2a5bf9dbb04c3a0b45a49f23915b576fea3f..4a6bff01017a3dbbe0907bcb3bcffce83ac6c87b 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -36,6 +36,9 @@
    - markus@cvs.openbsd.org 2003/09/18 07:54:48
      [buffer.c]
      protect against double free; #660;  zardoz at users.sf.net
+   - markus@cvs.openbsd.org 2003/09/18 07:56:05
+     [authfile.c]
+     missing  buffer_free(&encrypted); #662; zardoz at users.sf.net
 
 20030919
  - (djm) Bug #683: Remove reference to --with-ipv4-default from INSTALL;

diff --git a/authfile.c b/authfile.c
index 1f46093e3ed7a0d95f0b19a8a853beefe7e5eb6b..83ddd635f380ff4320a7691fc530da6813722f47 100644 (file)
--- a/authfile.c
+++ b/authfile.c
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.54 2003/05/24 09:30:39 djm Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.55 2003/09/18 07:56:05 markus Exp $");
 
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -143,6 +143,7 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
        fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
        if (fd < 0) {
                error("open %s failed: %s.", filename, strerror(errno));
+               buffer_free(&encrypted);
                return 0;
        }
        if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) !=