From 5d75090d9fe23c6ef27560de47fc141fc769c6cd Mon Sep 17 00:00:00 2001
From: Jon Simons <jon@jonsimons.org>
Date: Sun, 5 Oct 2014 05:59:54 -0700
Subject: pki_crypto.c: plug ecdsa_sig->[r,s] bignum leaks

Per ecdsa(3ssl), ECDSA_SIG_new does allocate its 'r' and 's' bignum fields.
Fix a bug where the initial 'r' and 's' bignums were being overwritten with
newly-allocated bignums, resulting in a memory leak.

BUG: https://red.libssh.org/issues/175

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

(cherry picked from commit 4745d652b5e71c27fd891edfe690162c0b8d3005)
---
 include/libssh/dh.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include/libssh')

diff --git a/include/libssh/dh.h b/include/libssh/dh.h
index e1039e24..f28b9169 100644
--- a/include/libssh/dh.h
+++ b/include/libssh/dh.h
@@ -49,7 +49,7 @@ int hashbufin_add_cookie(ssh_session session, unsigned char *cookie);
 int hashbufout_add_cookie(ssh_session session);
 int generate_session_keys(ssh_session session);
 bignum make_string_bn(ssh_string string);
+void make_string_bn_inplace(ssh_string string, bignum bnout);
 ssh_string make_bignum_string(bignum num);
 
-
 #endif /* DH_H_ */
-- 
cgit