upstream: fix leaks of struct sftp_conn in scp; ok dtucker@

author djm@openbsd.org <djm@openbsd.org>

Mon, 15 Sep 2025 05:17:37 +0000 (05:17 +0000)

committer Damien Miller <djm@mindrot.org>

Mon, 15 Sep 2025 06:13:25 +0000 (16:13 +1000)
author djm@openbsd.org <djm@openbsd.org>
Mon, 15 Sep 2025 05:17:37 +0000 (05:17 +0000)
committer Damien Miller <djm@mindrot.org>
Mon, 15 Sep 2025 06:13:25 +0000 (16:13 +1000)
diff --git a/scp.c b/scp.c

index e831a50f3bbde7f6f35d6004bb278395ee632c0a..0d3e1d4c1bcd9680ec1088d549cc68c2d288ff07 100644 (file)
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.265 2025/09/02 09:34:48 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.266 2025/09/15 05:17:37 djm Exp $ */
  /*
   * scp - secure remote copy.  This is basically patched BSD rcp which
   * uses ssh to do the data transfer (instead of using rcmd).
@@ -1072,6 +1072,7 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct)
                         if (mode == MODE_SFTP) {
                                 if (remin == -1 || conn == NULL) {
                                         /* Connect to dest now */
+                                       sftp_free(conn);
                                         conn = do_sftp_connect(thost, tuser,
                                             tport, sftp_direct,
                                             &remin, &remout, &do_cmd_pid);
@@ -1089,6 +1090,7 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct)
                                  * scp -3 hosta:/foo hosta:/bar hostb:
                                  */
                                 /* Connect to origin now */
+                               sftp_free(conn2);
                                 conn2 = do_sftp_connect(host, suser,
                                     sport, sftp_direct,
                                     &remin2, &remout2, &do_cmd_pid2);
@@ -1178,6 +1180,7 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct)
                                 }
                                 if (remin == -1) {
                                         /* Connect to remote now */
+                                       sftp_free(conn);
                                         conn = do_sftp_connect(thost, tuser,
                                             tport, sftp_direct,
                                             &remin, &remout, &do_cmd_pid);
@@ -1206,8 +1209,6 @@ toremote(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct)
                 }
         }
  out:
-       if (mode == MODE_SFTP)
-               free(conn);
         freeargs(&alist);
         free(tuser);
         free(thost);
@@ -1215,6 +1216,8 @@ out:
         free(suser);
         free(host);
         free(src);
+       sftp_free(conn);
+       sftp_free(conn2);
  }
  
  void
@@ -1260,6 +1263,7 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct)
                 }
                 /* Remote to local. */
                 if (mode == MODE_SFTP) {
+                       sftp_free(conn);
                         conn = do_sftp_connect(host, suser, sport,
                             sftp_direct, &remin, &remout, &do_cmd_pid);
                         if (conn == NULL) {
@@ -1271,7 +1275,6 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct)
                         /* The protocol */
                         sink_sftp(1, argv[argc - 1], src, conn);
  
-                       free(conn);
                         (void) close(remin);
                         (void) close(remout);
                         remin = remout = -1;
@@ -1295,6 +1298,7 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct)
         free(suser);
         free(host);
         free(src);
+       sftp_free(conn);
  }
  
  /* Prepare remote path, handling ~ by assuming cwd is the homedir */
diff --git a/sftp-client.c b/sftp-client.c

index 0702abd5eb3eebcfba602ecae69c3ba5a2e95a84..911fbfee90a67c08af50b6207d50e4d316b2339a 100644 (file)
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.c,v 1.178 2025/09/02 09:26:21 djm Exp $ */
+/* $OpenBSD: sftp-client.c,v 1.179 2025/09/15 05:17:37 djm Exp $ */
  /*
   * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
   *
@@ -601,6 +601,14 @@ sftp_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests,
         return ret;
  }
  
+void
+sftp_free(struct sftp_conn *conn)
+{
+       if (conn == NULL)
+               return;
+       freezero(conn, sizeof(*conn));
+}
+
  u_int
  sftp_proto_version(struct sftp_conn *conn)
  {
diff --git a/sftp-client.h b/sftp-client.h

index 74cdae7dc687f5170ee9fc7376d46f7468d6bac8..873ad3849f5bb52883b2ea8b933a543c3734d28d 100644 (file)
--- a/sftp-client.h
+++ b/sftp-client.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.h,v 1.39 2023/09/08 05:56:13 djm Exp $ */
+/* $OpenBSD: sftp-client.h,v 1.40 2025/09/15 05:17:37 djm Exp $ */
  
  /*
   * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
@@ -71,6 +71,7 @@ struct sftp_limits {
   * a pointer to a initialized sftp_conn struct on success.
   */
  struct sftp_conn *sftp_init(int, int, u_int, u_int, u_int64_t);
+void sftp_free(struct sftp_conn *);
  
  u_int sftp_proto_version(struct sftp_conn *);
author	djm@openbsd.org <djm@openbsd.org>
	Mon, 15 Sep 2025 05:17:37 +0000 (05:17 +0000)
committer	Damien Miller <djm@mindrot.org>
	Mon, 15 Sep 2025 06:13:25 +0000 (16:13 +1000)
scp.c		patch \| blob \| blame \| history
sftp-client.c		patch \| blob \| blame \| history
sftp-client.h		patch \| blob \| blame \| history