dh: fix libcrypto dh_ctx leak in ssh_dh_cleanup

Ensure to free the `dh_ctx` member in `ssh_dh_cleanup` to match the allocation in `ssh_dh_init_common`. The before-and-after of this change can be observed with the pkd tests and valgrind: valgrind --leak-check=full \ ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_diffie_hellman_group16_sha512 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-30 11:54:33 -07:00 · 2019-04-30 11:54:33 -07:00 · ee42e3badb
--- a/src/dh_crypto.c
+++ b/src/dh_crypto.c
@ -180,6 +180,7 @@ void ssh_dh_cleanup(struct ssh_crypto_struct *crypto)
    if (crypto->dh_ctx != NULL) {
        DH_free(crypto->dh_ctx->keypair[0]);
        DH_free(crypto->dh_ctx->keypair[1]);
+        free(crypto->dh_ctx);
        crypto->dh_ctx = NULL;
    }
 }