- markus@cvs.openbsd.org 2001/11/07 22:10:28

     [ssh-dss.c ssh-rsa.c]
     missing free and sync dss/rsa code.

diff --git a/ChangeLog b/ChangeLog
index 49a6d0ba5ab00b853a4173a9000af5b18ee8d4b5..670745eb356a627814b8e9aba44e8797b4db5e97 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -30,6 +30,9 @@
    - markus@cvs.openbsd.org 2001/11/07 21:40:21
      [ssh-rsa.c]
      ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported
+   - markus@cvs.openbsd.org 2001/11/07 22:10:28
+     [ssh-dss.c ssh-rsa.c]
+     missing free and sync dss/rsa code.
 
 20011109
  - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)

diff --git a/ssh-dss.c b/ssh-dss.c
index 22fffa02afa1c8770991d32e25528a6903a241a7..9f3a28706dde1b23ec7263218d150992474e3fe0 100644 (file)
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.8 2001/09/17 19:27:15 stevesk Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.9 2001/11/07 22:10:28 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -138,17 +138,19 @@ ssh_dss_verify(
                if (strcmp("ssh-dss", ktype) != 0) {
                        error("ssh_dss_verify: cannot handle type %s", ktype);
                        buffer_free(&b);
+                       xfree(ktype);
                        return -1;
                }
+               xfree(ktype);
                sigblob = buffer_get_string(&b, &len);
                rlen = buffer_len(&b);
+               buffer_free(&b);
                if(rlen != 0) {
-                       error("remaining bytes in signature %d", rlen);
-                       buffer_free(&b);
+                       error("ssh_dss_verify: "
+                           "remaining bytes in signature %d", rlen);
+                       xfree(sigblob);
                        return -1;
                }
-               buffer_free(&b);
-               xfree(ktype);
        }
 
        if (len != SIGBLOB_LEN) {

diff --git a/ssh-rsa.c b/ssh-rsa.c
index 27a6c5a533f313770914d7b24053c5c9bb5d752d..6fd47287c9eecdd30bab54a8604c69b48b8e8c28 100644 (file)
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.11 2001/11/07 21:40:21 markus Exp $");
+RCSID("$OpenBSD: ssh-rsa.c,v 1.12 2001/11/07 22:10:28 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -151,14 +151,14 @@ ssh_rsa_verify(
        rlen = buffer_len(&b);
        buffer_free(&b);
        if(rlen != 0) {
-               xfree(sigblob);
                error("ssh_rsa_verify: remaining bytes in signature %d", rlen);
+               xfree(sigblob);
                return -1;
        }
        nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
        if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
-               xfree(sigblob);
                error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
+               xfree(sigblob);
                return -1;
        }
        dlen = evp_md->md_size;