From: Damien Miller <djm@mindrot.org>
Date: Wed, 17 Feb 2021 23:33:58 +0000 (+1100)
Subject: don't free string returned by login_getcapstr(3)
X-Git-Tag: V_8_5_P1~48
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f060c2bc85d59d111fa18a12eb3872ee4b9f7e97;p=thirdparty%2Fopenssh-portable.git

don't free string returned by login_getcapstr(3)

OpenBSD and NetBSD require the caller to free strings returned
bu the login_* functions, but FreeBSD requires that callers don't.

Fortunately in this case, we can harmlessly leak as the process is
about to exec the shell/command.

From https://reviews.freebsd.org/D28617 via Ed Maste; ok dtucker@
---

diff --git a/session.c b/session.c
index e63fc472c..4b155f913 100644
--- a/session.c
+++ b/session.c
@@ -1287,11 +1287,8 @@ do_nologin(struct passwd *pw)
 		return;
 	nl = def_nl;
 #endif
-	if (stat(nl, &sb) == -1) {
-		if (nl != def_nl)
-			free(nl);
+	if (stat(nl, &sb) == -1)
 		return;
-	}
 
 	/* /etc/nologin exists.  Print its contents if we can and exit. */
 	logit("User %.100s not allowed because %s exists", pw->pw_name, nl);