From 7e692ee1b6f0c78008ad2143174d080a4db4b254 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 16 Dec 2019 17:09:54 +0100
Subject: [PATCH] libgcrypt: Do not leak memory with invalid key lengths

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 src/libgcrypt.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/libgcrypt.c b/src/libgcrypt.c
index 90eb42a3..53de4653 100644
--- a/src/libgcrypt.c
+++ b/src/libgcrypt.c
@@ -359,6 +359,10 @@ static int aes_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV) {
           return -1;
         }
         break;
+      default:
+        SSH_LOG(SSH_LOG_WARNING, "Unksupported key length %u.", cipher->keysize);
+        SAFE_FREE(cipher->key);
+        return -1;
     }
     if (gcry_cipher_setkey(cipher->key[0], key, cipher->keysize / 8)) {
       gcry_cipher_close(cipher->key[0]);