Fix memory leak

2 files changed, 20 insertions, 3 deletions

diff --git a/src/ecdh.c b/src/ecdh.c
index 20840c8..05e4ab9 100644
--- a/src/ecdh.c
+++ b/src/ecdh.c
@@ -104,7 +104,8 @@ static int ecdh_build_k(ssh_session session) {
   ECDH_compute_key(buffer,len,pubkey,session->next_crypto->ecdh_privkey,NULL);
   BN_bin2bn(buffer,len,session->next_crypto->k);
   free(buffer);
-
+  EC_KEY_free(session->next_crypto->ecdh_privkey);
+  session->next_crypto->ecdh_privkey=NULL;
 #ifdef DEBUG_CRYPTO
   ssh_print_hexa("Session server cookie", session->server_kex.cookie, 16);
   ssh_print_hexa("Session client cookie", session->client_kex.cookie, 16);
diff --git a/src/wrapper.c b/src/wrapper.c
index 11482f8..5a6ed08 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -111,7 +111,8 @@ void crypto_free(struct ssh_crypto_struct *crypto){
   bignum_free(crypto->x);
   bignum_free(crypto->y);
   bignum_free(crypto->k);
-  /* lot of other things */
+  SAFE_FREE(crypto->ecdh_client_pubkey);
+  SAFE_FREE(crypto->ecdh_server_pubkey);
 
 #ifdef WITH_LIBZ
   if (crypto->compress_out_ctx &&
@@ -123,8 +124,23 @@ void crypto_free(struct ssh_crypto_struct *crypto){
     inflateEnd(crypto->compress_in_ctx);
   }
 #endif
+  if(crypto->encryptIV)
+    SAFE_FREE(crypto->encryptIV);
+  if(crypto->decryptIV)
+    SAFE_FREE(crypto->decryptIV);
+  if(crypto->encryptMAC)
+    SAFE_FREE(crypto->encryptMAC);
+  if(crypto->decryptMAC)
+    SAFE_FREE(crypto->decryptMAC);
+  if(crypto->encryptkey){
+    memset(crypto->encryptkey, 0, crypto->digest_len);
+    SAFE_FREE(crypto->encryptkey);
+  }
+  if(crypto->decryptkey){
+    memset(crypto->decryptkey, 0, crypto->digest_len);
+    SAFE_FREE(crypto->decryptkey);
+  }
 
-  /* i'm lost in my own code. good work */
   memset(crypto,0,sizeof(*crypto));
 
   SAFE_FREE(crypto);