fix bug 0000015 about memory leak in server path

git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@180 7dcaeef0-15fb-0310-b436-a5af3365683c
2008-06-30 22:28:11 +00:00 · 2008-06-30 22:28:11 +00:00 · d477025000
--- a/libssh/messages.c
+++ b/libssh/messages.c
@ -84,6 +84,8 @@ static SSH_MESSAGE *handle_userauth_request(SSH_SESSION *session){
    free(user);
    service_c=string_to_char(service);
    method_c=string_to_char(method);
+    free(service);
+    free(method);
    ssh_say(2,"auth request for service %s, method %s for user '%s'\n",service_c,method_c,
            msg->auth_request.username);
    free(service_c);
@ -182,10 +184,12 @@ static SSH_MESSAGE *handle_channel_request_open(SSH_SESSION *session){
    msg->channel_request_open.packet_size=ntohl(packet);
    if(!strcmp(type_c,"session")){
        msg->channel_request_open.type=SSH_CHANNEL_SESSION;
+        free(type_c);
        leave_function();
        return msg;
    }
    msg->channel_request_open.type=SSH_CHANNEL_UNKNOWN;
+    free(type_c);
    leave_function();
    return msg;
 }
@ -247,6 +251,7 @@ static SSH_MESSAGE *handle_channel_request(SSH_SESSION *session){
    if(!strcmp(type_c,"pty-req")){
        STRING *term;
        char *term_c;
+        free(type_c);
        term=buffer_get_ssh_string(session->in_buffer);
        term_c=string_to_char(term);
        free(term);
@ -267,6 +272,7 @@ static SSH_MESSAGE *handle_channel_request(SSH_SESSION *session){
    if(!strcmp(type_c,"subsystem")){
        STRING *subsys;
        char *subsys_c;
+        free(type_c);
        subsys=buffer_get_ssh_string(session->in_buffer);
        subsys_c=string_to_char(subsys);
        free(subsys);
@ -276,12 +282,14 @@ static SSH_MESSAGE *handle_channel_request(SSH_SESSION *session){
        return msg;
    }
    if(!strcmp(type_c,"shell")){
+    	free(type_c);
        msg->channel_request.type=SSH_CHANNEL_REQUEST_SHELL;
        leave_function();
        return msg;
    }
    if(!strcmp(type_c,"exec")){
        STRING *cmd=buffer_get_ssh_string(session->in_buffer);
+        free(type_c);
        msg->channel_request.type=SSH_CHANNEL_REQUEST_EXEC;
        msg->channel_request.command=string_to_char(cmd);
        free(cmd);
@ -290,6 +298,7 @@ static SSH_MESSAGE *handle_channel_request(SSH_SESSION *session){
    }
    
    msg->channel_request.type=SSH_CHANNEL_UNKNOWN;
+    free(type_c);
    leave_function();
    return msg;
 }
--- a/libssh/server.c
+++ b/libssh/server.c
@ -163,6 +163,7 @@ SSH_SESSION *ssh_bind_accept(SSH_BIND *ssh_bind){
    session=ssh_new();
    session->server=1;
    session->version=2;
+    ssh_socket_free(session->socket);
    session->socket=ssh_socket_new(session);
    ssh_socket_set_fd(session->socket,fd);
    session->options=ssh_options_copy(ssh_bind->options);
@ -175,6 +176,8 @@ void ssh_bind_free(SSH_BIND *ssh_bind){
    if(ssh_bind->bindfd>=0)
        close(ssh_bind->bindfd);
    ssh_bind->bindfd=-1;
+    if(ssh_bind->options)
+    	ssh_options_free(ssh_bind->options);
    free(ssh_bind);
 }

@ -223,6 +226,7 @@ static int dh_handshake_server(SSH_SESSION *session){
        return -1;
    }
    dh_import_e(session,e);
+    free(e);
    dh_generate_y(session);
    dh_generate_f(session);
    f=dh_get_f(session);
--- a/libssh/wrapper.c
+++ b/libssh/wrapper.c
@ -447,6 +447,8 @@ void crypto_free(CRYPTO *crypto){
        bignum_free(crypto->f);
    if(crypto->x)
        bignum_free(crypto->x);
+    if(crypto->y)
+    	bignum_free(crypto->y);
    if(crypto->k)
        bignum_free(crypto->k);
    /* lot of other things */
@ -509,6 +511,7 @@ int crypt_set_algorithms(SSH_SESSION *session){
 // TODO Obviously too much cut and paste here
 int crypt_set_algorithms_server(SSH_SESSION *session){
    /* we must scan the kex entries to find crypto algorithms and set their appropriate structure */
+	enter_function();
    int i=0;
    /* out */
    char *server=session->server_kex.methods[SSH_CRYPT_S_C];
@ -516,16 +519,21 @@ int crypt_set_algorithms_server(SSH_SESSION *session){
    char *match=ssh_find_matching(client,server);
    if(!match){
        ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no matching algorithm function found for %s",server);
+        free(match);
+        leave_function();
        return SSH_ERROR;
    }
    while(ssh_ciphertab[i].name && strcmp(match,ssh_ciphertab[i].name))
        i++;
    if(!ssh_ciphertab[i].name){
        ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no crypto algorithm function found for %s",server);
+        free(match);
+        leave_function();
        return SSH_ERROR;
    }
    ssh_log(session,SSH_LOG_PACKET,"Set output algorithm %s",match);
    session->next_crypto->out_cipher=cipher_new(i);
+    free(match);
    i=0;
    /* in */
    client=session->client_kex.methods[SSH_CRYPT_C_S];
@ -533,16 +541,21 @@ int crypt_set_algorithms_server(SSH_SESSION *session){
    match=ssh_find_matching(client,server);
    if(!match){
        ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no matching algorithm function found for %s",server);
+        free(match);
+        leave_function();
        return SSH_ERROR;
    }
    while(ssh_ciphertab[i].name && strcmp(match,ssh_ciphertab[i].name))
        i++;
    if(!ssh_ciphertab[i].name){
        ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no crypto algorithm function found for %s",server);
+        free(match);
+        leave_function();
        return SSH_ERROR;
    }
    ssh_log(session,SSH_LOG_PACKET,"Set input algorithm %s",match);
    session->next_crypto->in_cipher=cipher_new(i);
+    free(match);
    /* compression */
    client=session->client_kex.methods[SSH_CRYPT_C_S];
    server=session->server_kex.methods[SSH_CRYPT_C_S];
@ -551,6 +564,7 @@ int crypt_set_algorithms_server(SSH_SESSION *session){
        ssh_log(session,SSH_LOG_PACKET,"enabling C->S compression");
        session->next_crypto->do_compress_in=1;
    }
+    free(match);
    
    client=session->client_kex.methods[SSH_CRYPT_S_C];
    server=session->server_kex.methods[SSH_CRYPT_S_C];
@ -559,7 +573,8 @@ int crypt_set_algorithms_server(SSH_SESSION *session){
        ssh_log(session,SSH_LOG_PACKET,"enabling S->C compression\n");
        session->next_crypto->do_compress_out=1;
    }
-
+    free(match);
+    
    server=session->server_kex.methods[SSH_HOSTKEYS];
    client=session->client_kex.methods[SSH_HOSTKEYS];
    match=ssh_find_matching(client,server);
@ -569,7 +584,11 @@ int crypt_set_algorithms_server(SSH_SESSION *session){
        session->hostkeys=TYPE_RSA;
    else {
        ssh_set_error(session,SSH_FATAL,"cannot know what %s is into %s",match,server);
+        free(match);
+        leave_function();
        return SSH_ERROR;
    }
+    free(match);
+    leave_function();
    return SSH_OK;
 }
--- a/samplesshd.c
+++ b/samplesshd.c
@ -148,7 +148,9 @@ int main(int argc, char **argv){
        if(i>0)
            write(1,buffer_get(buf),buffer_get_len(buf));
    } while (i>0);
+    buffer_free(buf);
    ssh_disconnect(session);
+    ssh_bind_free(ssh_bind);
    ssh_finalize();
    return 0;
 }