upstream: memleak of DH public bignum; found with libfuzzer

OpenBSD-Commit-ID: 0e913b542c3764b100b1571fdb0d0e5cc086fe97
author: djm@openbsd.org <djm@openbsd.org> 2020-12-04 03:29:25 +0100
committer: Damien Miller <djm@mindrot.org> 2020-12-04 03:43:01 +0100
commit: 3b98b6e27f8a122dbfda9966b1afeb3e371cce91 (patch)
tree: bf884ec232f2460313632e4f7c88b45e01f7bc7a /kexdh.c
parent: upstream: fix minor memleak of kex->hostkey_alg on rekex (diff)
download: openssh-3b98b6e27f8a122dbfda9966b1afeb3e371cce91.tar.xz
openssh-3b98b6e27f8a122dbfda9966b1afeb3e371cce91.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/kexdh.c b/kexdh.c
index 6e0159f9f..001dd12db 100644
--- a/kexdh.c
+++ b/kexdh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdh.c,v 1.33 2020/05/08 05:13:14 djm Exp $ */
+/* $OpenBSD: kexdh.c,v 1.34 2020/12/04 02:29:25 djm Exp $ */
 /*
  * Copyright (c) 2019 Markus Friedl.  All rights reserved.
  *
@@ -194,6 +194,7 @@ kex_dh_dec(struct kex *kex, const struct sshbuf *dh_blob,
 	*shared_secretp = buf;
 	buf = NULL;
  out:
+	BN_free(dh_pub);
 	DH_free(kex->dh);
 	kex->dh = NULL;
 	sshbuf_free(buf);
author	djm@openbsd.org <djm@openbsd.org>	2020-12-04 03:29:25 +0100
committer	Damien Miller <djm@mindrot.org>	2020-12-04 03:43:01 +0100
commit	3b98b6e27f8a122dbfda9966b1afeb3e371cce91 (patch)
tree	bf884ec232f2460313632e4f7c88b45e01f7bc7a /kexdh.c
parent	upstream: fix minor memleak of kex->hostkey_alg on rekex (diff)
download	openssh-3b98b6e27f8a122dbfda9966b1afeb3e371cce91.tar.xz openssh-3b98b6e27f8a122dbfda9966b1afeb3e371cce91.zip