HomePhabricator

dh: fix libcrypto leak via ssh_dh_keypair_set_keys

Authored by simonsj on Tue, Apr 30, 9:37 PM.

Description

dh: fix libcrypto leak via ssh_dh_keypair_set_keys

Upon SSH_OK, callers of ssh_dh_keypair_set_keys expect for ownership
of the priv and pub values to be transferred away and eventually
later managed by way of the struct dh_ctx at hand.

The mbedTLS and gcrypt builds transfer ownership of these values in
that way, but the libcrypto ssh_dh_keypair_set_keys is copying the
given values with BN_dup. This causes a memory leak that can be
seen with pkd and valgrind:

valgrind --leak-check=full \
  ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_diffie_hellman_group16_sha512

Fix the leak by replacing the BN_dup with direct assignment.
Now the bignums will eventually be freed via ssh_dh_cleanup.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

Details

Committed
asnThu, May 9, 5:37 PM
Parents
rLIBSSHee42e3badba4: dh: fix libcrypto dh_ctx leak in ssh_dh_cleanup
Branches
Unknown
Tags
Unknown