forked from rpms/openssh
coverity: RESOURCE_LEAK (CWE-772)
This commit is contained in:
parent
600d4011b5
commit
009e39709f
@ -3102,7 +3102,7 @@ diff --git a/ssh-agent.c b/ssh-agent.c
|
|||||||
index 2a4578b0..f6c86240 100644
|
index 2a4578b0..f6c86240 100644
|
||||||
--- a/ssh-agent.c
|
--- a/ssh-agent.c
|
||||||
+++ b/ssh-agent.c
|
+++ b/ssh-agent.c
|
||||||
@@ -546,10 +546,70 @@ no_identities(SocketEntry *e)
|
@@ -546,10 +546,72 @@ no_identities(SocketEntry *e)
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef ENABLE_PKCS11
|
#ifdef ENABLE_PKCS11
|
||||||
@ -3141,12 +3141,14 @@ index 2a4578b0..f6c86240 100644
|
|||||||
+ verbose("failed PKCS#11 provider \"%.100s\": realpath: %s",
|
+ verbose("failed PKCS#11 provider \"%.100s\": realpath: %s",
|
||||||
+ module_path, strerror(errno));
|
+ module_path, strerror(errno));
|
||||||
+ free(module_path);
|
+ free(module_path);
|
||||||
|
+ pkcs11_uri_cleanup(uri);
|
||||||
+ return NULL;
|
+ return NULL;
|
||||||
+ }
|
+ }
|
||||||
+ free(module_path);
|
+ free(module_path);
|
||||||
+ if (match_pattern_list(canonical_provider, pkcs11_whitelist, 0) != 1) {
|
+ if (match_pattern_list(canonical_provider, pkcs11_whitelist, 0) != 1) {
|
||||||
+ verbose("refusing PKCS#11 provider \"%.100s\": "
|
+ verbose("refusing PKCS#11 provider \"%.100s\": "
|
||||||
+ "not whitelisted", canonical_provider);
|
+ "not whitelisted", canonical_provider);
|
||||||
|
+ pkcs11_uri_cleanup(uri);
|
||||||
+ return NULL;
|
+ return NULL;
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
@ -3311,7 +3313,7 @@ new file mode 100644
|
|||||||
index 00000000..da15c164
|
index 00000000..da15c164
|
||||||
--- /dev/null
|
--- /dev/null
|
||||||
+++ b/ssh-pkcs11-uri.c
|
+++ b/ssh-pkcs11-uri.c
|
||||||
@@ -0,0 +1,399 @@
|
@@ -0,0 +1,400 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright (c) 2017 Red Hat
|
+ * Copyright (c) 2017 Red Hat
|
||||||
+ *
|
+ *
|
||||||
@ -3616,6 +3618,7 @@ index 00000000..da15c164
|
|||||||
+ break;
|
+ break;
|
||||||
+ opcode = parse_token(tok);
|
+ opcode = parse_token(tok);
|
||||||
+ if (opcode == pBadOption) {
|
+ if (opcode == pBadOption) {
|
||||||
|
+ free(p);
|
||||||
+ verbose("Unknown key in PKCS#11 URI: %s", tok);
|
+ verbose("Unknown key in PKCS#11 URI: %s", tok);
|
||||||
+ return -1;
|
+ return -1;
|
||||||
+ }
|
+ }
|
||||||
@ -4497,6 +4500,7 @@ index 88c9d6e2..a29b4451 100644
|
|||||||
+ error("C_Finalize for provider %s failed: %lu",
|
+ error("C_Finalize for provider %s failed: %lu",
|
||||||
+ provider_module, rv);
|
+ provider_module, rv);
|
||||||
+ free(provider_module);
|
+ free(provider_module);
|
||||||
|
+ free(p);
|
||||||
+ if (handle)
|
+ if (handle)
|
||||||
+ dlclose(handle);
|
+ dlclose(handle);
|
||||||
+ return NULL;
|
+ return NULL;
|
||||||
|
Loading…
Reference in New Issue
Block a user