- miod@cvs.openbsd.org 2012/01/16 20:34:09

     [ssh-pkcs11-client.c]
     Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
     While there, be sure to buffer_clear() between send_msg() and recv_msg().
     ok markus@

2 files changed, 8 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index 406d7e20c..3ebe0df30 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,11 @@
      [ssh-ecdsa.c]
      Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
      ok markus@
+   - miod@cvs.openbsd.org 2012/01/16 20:34:09
+     [ssh-pkcs11-client.c]
+     Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
+     While there, be sure to buffer_clear() between send_msg() and recv_msg().
+     ok markus@
 
 20120206
  - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c
index 650c37342..82b11daf5 100644
--- a/ssh-pkcs11-client.c
+++ b/ssh-pkcs11-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-client.c,v 1.2 2010/02/24 06:12:53 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11-client.c,v 1.3 2012/01/16 20:34:09 miod Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -123,6 +123,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
 	buffer_put_int(&msg, 0);
 	xfree(blob);
 	send_msg(&msg);
+	buffer_clear(&msg);
 
 	if (recv_msg(&msg) == SSH2_AGENT_SIGN_RESPONSE) {
 		signature = buffer_get_string(&msg, &slen);
@@ -132,6 +133,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
 		}
 		xfree(signature);
 	}
+	buffer_free(&msg);
 	return (ret);
 }