From: Victor Julien <victor@inliniac.net>
Date: Thu, 9 May 2019 10:11:29 +0000 (+0200)
Subject: detect/ssh: fix ssh.protoversion memory leak
X-Git-Tag: suricata-5.0.0-rc1~501
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=edae50de949d626dcc169de41937951cd4b4cf2d;p=thirdparty%2Fsuricata.git

detect/ssh: fix ssh.protoversion memory leak
---

diff --git a/src/detect-ssh-proto-version.c b/src/detect-ssh-proto-version.c
index 1a45b76b71..a541d1cc4d 100644
--- a/src/detect-ssh-proto-version.c
+++ b/src/detect-ssh-proto-version.c
@@ -176,9 +176,10 @@ static DetectSshVersionData *DetectSshVersionParse (const char *str)
 
         /* We have a correct id option */
         ssh = SCMalloc(sizeof(DetectSshVersionData));
-        if (unlikely(ssh == NULL))
+        if (unlikely(ssh == NULL)) {
+            pcre_free_substring(str_ptr);
             goto error;
-
+        }
         memset(ssh, 0x00, sizeof(DetectSshVersionData));
 
         /* If we expect a protocol version 2 or 1.99 (considered 2, we
@@ -186,14 +187,17 @@ static DetectSshVersionData *DetectSshVersionParse (const char *str)
         if (strcmp("2_compat", str_ptr) == 0) {
             ssh->flags |= SSH_FLAG_PROTOVERSION_2_COMPAT;
             SCLogDebug("will look for ssh protocol version 2 (2, 2.0, 1.99 that's considered as 2");
+            pcre_free_substring(str_ptr);
             return ssh;
         }
 
         ssh->ver = (uint8_t *)SCStrdup((char*)str_ptr);
         if (ssh->ver == NULL) {
+            pcre_free_substring(str_ptr);
             goto error;
         }
         ssh->len = strlen((char *) ssh->ver);
+        pcre_free_substring(str_ptr);
 
         SCLogDebug("will look for ssh %s", ssh->ver);
     }
@@ -258,8 +262,9 @@ error:
  */
 void DetectSshVersionFree(void *ptr)
 {
-    DetectSshVersionData *id_d = (DetectSshVersionData *)ptr;
-    SCFree(id_d);
+    DetectSshVersionData *sshd = (DetectSshVersionData *)ptr;
+    SCFree(sshd->ver);
+    SCFree(sshd);
 }
 
 #ifdef UNITTESTS /* UNITTESTS */