upstream: Dynamically allocate encoded HashKnownHosts and free as

author dtucker@openbsd.org <dtucker@openbsd.org>

Sat, 2 Oct 2021 03:17:01 +0000 (03:17 +0000)

committer Damien Miller <djm@mindrot.org>

Wed, 6 Oct 2021 03:40:32 +0000 (14:40 +1100)
author dtucker@openbsd.org <dtucker@openbsd.org>
Sat, 2 Oct 2021 03:17:01 +0000 (03:17 +0000)
committer Damien Miller <djm@mindrot.org>
Wed, 6 Oct 2021 03:40:32 +0000 (14:40 +1100)
diff --git a/hostfile.c b/hostfile.c

index ce00cd7135497db8e32e28c8191290f4cf6b6d1e..a035b38134a340939130ea9686d643b818b8806e 100644 (file)
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.91 2021/07/05 01:16:46 dtucker Exp $ */
+/* $OpenBSD: hostfile.c,v 1.92 2021/10/02 03:17:01 dtucker Exp $ */
  /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -118,7 +118,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
         struct ssh_hmac_ctx *ctx;
         u_char salt[256], result[256];
         char uu_salt[512], uu_result[512];
-       static char encoded[1024];
+       char *encoded = NULL;
         u_int len;
  
         len = ssh_digest_bytes(SSH_DIGEST_SHA1);
@@ -143,9 +143,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
         if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 ||
             __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1)
                 fatal_f("__b64_ntop failed");
-
-       snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt,
-           HASH_DELIM, uu_result);
+       xasprintf(&encoded, "%s%s%c%s", HASH_MAGIC, uu_salt, HASH_DELIM,
+           uu_result);
  
         return (encoded);
  }
@@ -456,6 +455,7 @@ write_host_entry(FILE *f, const char *host, const char *ip,
         else {
                 fprintf(f, "%s ", lhost);
         }
+       free(hashed_host);
         free(lhost);
         if ((r = sshkey_write(key, f)) == 0)
                 success = 1;
@@ -730,8 +730,8 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip,
  static int
  match_maybe_hashed(const char *host, const char *names, int *was_hashed)
  {
-       int hashed = *names == HASH_DELIM;
-       const char *hashed_host;
+       int hashed = *names == HASH_DELIM, ret;
+       char *hashed_host = NULL;
         size_t nlen = strlen(names);
  
         if (was_hashed != NULL)
@@ -739,8 +739,10 @@ match_maybe_hashed(const char *host, const char *names, int *was_hashed)
         if (hashed) {
                 if ((hashed_host = host_hash(host, names, nlen)) == NULL)
                         return -1;
-               return nlen == strlen(hashed_host) &&
-                   strncmp(hashed_host, names, nlen) == 0;
+               ret = (nlen == strlen(hashed_host) &&
+                   strncmp(hashed_host, names, nlen) == 0);
+               free(hashed_host);
+               return ret;
         }
         return match_hostname(host, names) == 1;
  }
diff --git a/ssh-keygen.c b/ssh-keygen.c

index 4b40768d517f9e3f71b4dcfb56f5bdd9e6406ea0..9b912f0a5a487852bff19af11813d89bdeac2e6e 100644 (file)
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.437 2021/09/08 03:23:44 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.438 2021/10/02 03:17:01 dtucker Exp $ */
  /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1203,6 +1203,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
                         if ((hashed = host_hash(cp, NULL, 0)) == NULL)
                                 fatal("hash_host failed");
                         fprintf(ctx->out, "%s %s\n", hashed, l->rawkey);
+                       free(hashed);
                         ctx->has_unhashed = 1;
                 }
                 free(ohosts);
diff --git a/ssh-keyscan.c b/ssh-keyscan.c

index 7abbcbff5d007985e2d711081365af777b0ce73d..d688b3c34cc6774d1a26af66d1cf47693f96cd6c 100644 (file)
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.139 2021/01/27 09:26:54 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.140 2021/10/02 03:17:01 dtucker Exp $ */
  /*
   * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
   *
@@ -305,8 +305,8 @@ keygrab_ssh2(con *c)
  static void
  keyprint_one(const char *host, struct sshkey *key)
  {
-       char *hostport;
-       const char *known_host, *hashed;
+       char *hostport = NULL, *hashed = NULL;
+       const char *known_host;
  
         found_one = 1;
  
@@ -324,6 +324,7 @@ keyprint_one(const char *host, struct sshkey *key)
                 fprintf(stdout, "%s ", known_host);
         sshkey_write(key, stdout);
         fputs("\n", stdout);
+       free(hashed);
         free(hostport);
  }
author	dtucker@openbsd.org <dtucker@openbsd.org>
	Sat, 2 Oct 2021 03:17:01 +0000 (03:17 +0000)
committer	Damien Miller <djm@mindrot.org>
	Wed, 6 Oct 2021 03:40:32 +0000 (14:40 +1100)
hostfile.c		patch \| blob \| blame \| history
ssh-keygen.c		patch \| blob \| blame \| history
ssh-keyscan.c		patch \| blob \| blame \| history