From: dtucker@openbsd.org Date: Wed, 1 Oct 2025 00:33:37 +0000 (+0000) Subject: upstream: Set keys to NULL after freeing in tests where the X-Git-Tag: V_10_1_P1~14 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=aceabd62ce5833716dd2e99d4be4fcb603d263cc;p=thirdparty%2Fopenssh-portable.git upstream: Set keys to NULL after freeing in tests where the variables will be used again. Should prevent Coverity "potential use after free" warnings. OpenBSD-Regress-ID: 24d141657d25977e41dfb0c58e9b74ab093972bf --- diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index bfaa3f66d..d0c46a90b 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.31 2025/09/29 07:40:55 dtucker Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.32 2025/10/01 00:33:37 dtucker Exp $ */ /* * Regress test for sshkey.h key management API * @@ -363,6 +363,7 @@ sshkey_tests(void) TEST_START("equal KEY_RSA/demoted KEY_RSA"); ASSERT_INT_EQ(sshkey_equal(kr, k1), 1); sshkey_free(k1); + k1 = NULL; TEST_DONE(); @@ -383,6 +384,7 @@ sshkey_tests(void) TEST_START("equal KEY_ECDSA/demoted KEY_ECDSA"); ASSERT_INT_EQ(sshkey_equal(ke, k1), 1); sshkey_free(k1); + k1 = NULL; TEST_DONE(); #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -399,6 +401,7 @@ sshkey_tests(void) TEST_START("equal KEY_ED25519/demoted KEY_ED25519"); ASSERT_INT_EQ(sshkey_equal(kf, k1), 1); sshkey_free(k1); + k1 = NULL; TEST_DONE(); #ifdef WITH_OPENSSL @@ -418,15 +421,18 @@ sshkey_tests(void) ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &k1), 0); ASSERT_INT_EQ(sshkey_equal(kr, k1), 0); sshkey_free(k1); + k1 = NULL; #ifdef OPENSSL_HAS_ECC ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k1), 0); ASSERT_INT_EQ(sshkey_equal(ke, k1), 0); sshkey_free(k1); + k1 = NULL; #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &k1), 0); ASSERT_INT_EQ(sshkey_equal(kf, k1), 0); sshkey_free(k1); + k1 = NULL; TEST_DONE(); #ifdef WITH_OPENSSL @@ -481,6 +487,7 @@ sshkey_tests(void) sshkey_free(k1); sshkey_free(k2); sshkey_free(k3); + k1 = k2 = k3 = NULL; sshbuf_reset(b); TEST_DONE(); @@ -492,6 +499,7 @@ sshkey_tests(void) signature_tests(k1, k2, "ssh-rsa"); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); TEST_START("sign and verify RSA-SHA256"); @@ -501,6 +509,7 @@ sshkey_tests(void) signature_tests(k1, k2, "rsa-sha2-256"); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); TEST_START("sign and verify RSA-SHA512"); @@ -510,6 +519,7 @@ sshkey_tests(void) signature_tests(k1, k2, "rsa-sha2-512"); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); @@ -521,6 +531,7 @@ sshkey_tests(void) signature_tests(k1, k2, NULL); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ @@ -532,6 +543,7 @@ sshkey_tests(void) signature_tests(k1, k2, NULL); sshkey_free(k1); sshkey_free(k2); + k1 = k2 = NULL; TEST_DONE(); #ifdef WITH_OPENSSL @@ -547,6 +559,7 @@ sshkey_tests(void) sshkey_free(k1); sshkey_free(k2); sshkey_free(k3); + k1 = k2 = k3 = NULL; sshbuf_free(b); TEST_DONE(); #endif /* WITH_OPENSSL */