Fixes from Erik Hovland:

cli-authpubkey.c: fix leak of keybuf cli-kex.c: fix leak of fingerprint fp cli-service.c: remove commented out code dropbearkey.c: don't attepmt to free NULL key on failure common-kex.c: only free key if it is initialised keyimport.c: remove dead encrypted-key code don't leak a FILE* loading OpenSSH keys rsa.c, dss.c: check return values for some libtommath functions svr-kex.c: check return value retrieving DH kex mpint svr-tcpfwd.c: fix null-dereference if remote tcp forward request fails tcp-accept.c: don't incorrectly free the tcpinfo var --HG-- extra : convert_revision : 640a55bc710cbaa6d212453c750026c770e19193
2025-06-26 18:17:32 +00:00 · 2006-07-07 09:17:18 +00:00
parent cee2ec1680
commit 4cb673b644
10 changed files with 33 additions and 55 deletions
--- a/svr-kex.c
+++ b/svr-kex.c
@@ -52,7 +52,9 @@ void recv_msg_kexdh_init() {
 	}

 	m_mp_init(&dh_e);
-	buf_getmpint(ses.payload, &dh_e);
+	if (buf_getmpint(ses.payload, &dh_e) != DROPBEAR_SUCCESS) {
+		dropbear_exit("Failed to get kex value");
+	}

 	send_msg_kexdh_reply(&dh_e);