Don't free DH priv_key when DH_generate_key() fails #96
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The call to BN_clear_free on dh->priv_key leaves a dangling pointer that will be freed again when the caller of dh_gen_key() calls DH_free(). Fortunately, AFAIK failrues in DH_generate_key() are very unlikely, so this should not be observed in practice.
djmdjm
added a commit
to djmdjm/openbsd-openssh-src
that referenced
this pull request
Aug 4, 2018
unlikely double-free later. Reported by Viktor Dukhovni via openssh/openssh-portable#96 feedback jsing@ tb@
bob-beck
pushed a commit
to openbsd/src
that referenced
this pull request
Aug 4, 2018
unlikely double-free later. Reported by Viktor Dukhovni via openssh/openssh-portable#96 feedback jsing@ tb@
djmdjm
added a commit
that referenced
this pull request
Aug 6, 2018
avoids unlikely double-free later. Reported by Viktor Dukhovni via #96 feedback jsing@ tb@ OpenBSD-Commit-ID: e317eb17c3e05500ae851f279ef6486f0457c805
cotequeiroz
pushed a commit
to cotequeiroz/openssh-portable
that referenced
this pull request
Aug 29, 2018
avoids unlikely double-free later. Reported by Viktor Dukhovni via openssh#96 feedback jsing@ tb@ OpenBSD-Commit-ID: e317eb17c3e05500ae851f279ef6486f0457c805
|
I see the dangling pointer has been addressed, but really the better fix IMHO is to let the ephemeral key get freed when the containing DH structure is freed. The present solution of setting the key to NULL will not work with OpenSSL 1.1 where the DH structure becomes opaque. Please consider not freeing the key instead, it is freshly generated and not sensitive.... |
mirabilos
pushed a commit
to MirBSD/ssh
that referenced
this pull request
Feb 16, 2020
unlikely double-free later. Reported by Viktor Dukhovni via openssh/openssh-portable#96 feedback jsing@ tb@
keradoracomb
pushed a commit
to keradoracomb/datasheet
that referenced
this pull request
Sep 19, 2023
…ly double-free later. Reported by Viktor Dukhovni via openssh/openssh-portable#96 feedback jsing@ tb@
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The call to BN_clear_free() on dh->priv_key leaves a dangling pointer
that will be freed again when the caller of dh_gen_key() calls
DH_free().
Fortunately, AFAIK failrues in DH_generate_key() are very unlikely,
so this should not be observed in practice.