[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 1/4] dh-gex: fix moduli file stream leak


Ensure to close the moduli file stream in `ssh_retrieve_dhgroup`.
The leak is observable with the pkd tests and valgrind with:

    valgrind \
      --track-fds=yes \
      ./pkd_hello -i1 \
      -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256

Signed-off-by: Jon Simons <jon@xxxxxxxxxxxxx>
---
 src/dh-gex.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/dh-gex.c b/src/dh-gex.c
index f08b3ba3..a52be036 100644
--- a/src/dh-gex.c
+++ b/src/dh-gex.c
@@ -481,6 +481,7 @@ static int ssh_retrieve_dhgroup(uint32_t pmin,
                                    size,
                                    &generator,
                                    &modulus);
+    fclose(moduli);
     if (rc == SSH_ERROR || *size == 0) {
         goto error;
     }
-- 
2.19.1.593.gc670b1f


References:
[PATCH 0/4] dh-gex + dh: fix a couple of leaksJon Simons <jon@xxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org