If realloc of sftp->ext->name or sftp->ext->data fails, the memory
previously allocated for the respective member is leaked. Fix this by
storing the return value of realloc() in a temporary variable which only
gets assigned to the respective sftp->ext member on success.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Before this change, dangling pointers can be unintentionally left in the
respective next_crypto kex methods slots. Ensure to set all slots to
NULL in the error-out path.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Fix DSA signature extraction for the LIBGCRYPT build. Here, the same fix
that was applied to the LIBCRYPTO build for https://red.libssh.org/issues/144
is now adapted for pki_gcrypt. Additionally, ensure to set the resulting
output sig_blob buffer before returning.
Before this fix, one can observe the failure with the pkd test on a LIBGCRYPT
build as so:
# ./pkd_hello -i 1 -t torture_pkd_openssh_dsa_dsa_default
After, runs of 10000 back-to-back iterations of the same test are passing.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Disable the 'make_string_bn_inplace' helper function for the LIBGCRYPT
build, rather than using '#error' to fail the build completely.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Per ecdsa(3ssl), ECDSA_SIG_new does allocate its 'r' and 's' bignum fields.
Fix a bug where the initial 'r' and 's' bignums were being overwritten with
newly-allocated bignums, resulting in a memory leak.
BUG: https://red.libssh.org/issues/175
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Add missing initialization of 'type_c' field of a SSH signature in
'pki_do_sign_sessionid' procedure.
If libssh is compiled with GCrypt, 'dh_handshake_server' fails with
"Could not sign the session id" error. The change fixes that.
Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Fix a missing 'buffer_pack' formatter in 'ssh_message_auth_interactive_request'.
With this fix the 'examples/samplesshd-kbdint' program is working again for me.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Check the 'ssh_buffer_pack' return in ssh_pki_do_sign for the ED25519 case.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Fail fast in 'pki_import_pubkey_buffer' for the ED25519 case if a buffer
sized ED25519_PK_LEN can not be retrieved. Before, the 'memcpy' could
have read beyond the bounds of 'ssh_string_data(pubkey)'.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Ensure to free the z_stream structures as allocated from
the gzip.c initcompress, initdecompress functions.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
