upstream: prevent leak in sshsig_match_principals; ok djm@

author markus@openbsd.org <markus@openbsd.org>

Fri, 8 Dec 2023 09:18:39 +0000 (09:18 +0000)

committer Damien Miller <djm@mindrot.org>

Wed, 13 Dec 2023 03:33:50 +0000 (14:33 +1100)
author markus@openbsd.org <markus@openbsd.org>
Fri, 8 Dec 2023 09:18:39 +0000 (09:18 +0000)
committer Damien Miller <djm@mindrot.org>
Wed, 13 Dec 2023 03:33:50 +0000 (14:33 +1100)
diff --git a/sshsig.c b/sshsig.c

index d219db90e9a39006618d692abb010f2a64280261..d50d65fe203cb7b2d471226f13c8f790f01692c7 100644 (file)
--- a/sshsig.c
+++ b/sshsig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshsig.c,v 1.33 2023/09/06 23:18:15 djm Exp $ */
+/* $OpenBSD: sshsig.c,v 1.34 2023/12/08 09:18:39 markus Exp $ */
  /*
   * Copyright (c) 2019 Google LLC
   *
@@ -1121,12 +1121,11 @@ sshsig_match_principals(const char *path, const char *principal,
         if (ret == 0) {
                 if (nprincipals == 0)
                         ret = SSH_ERR_KEY_NOT_FOUND;
+               if (nprincipalsp != 0)
+                       *nprincipalsp = nprincipals;
                 if (principalsp != NULL) {
                         *principalsp = principals;
                         principals = NULL; /* transferred */
-               }
-               if (nprincipalsp != 0) {
-                       *nprincipalsp = nprincipals;
                         nprincipals = 0;
                 }
         }
author	markus@openbsd.org <markus@openbsd.org>
	Fri, 8 Dec 2023 09:18:39 +0000 (09:18 +0000)
committer	Damien Miller <djm@mindrot.org>
	Wed, 13 Dec 2023 03:33:50 +0000 (14:33 +1100)