From 7a76b30e4debab8d8908e98e8be8ff663bd1b9bf Mon Sep 17 00:00:00 2001 From: dtucker Date: Fri, 29 Apr 2022 03:16:48 +0000 Subject: [PATCH] Don't leak SK device. Patch from Pedro Martelletto via github PR#316. ok djm@ --- usr.bin/ssh/sk-usbhid.c | 3 ++- usr.bin/ssh/ssh-sk-helper.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/usr.bin/ssh/sk-usbhid.c b/usr.bin/ssh/sk-usbhid.c index 795a21d827d..a8186ca51c2 100644 --- a/usr.bin/ssh/sk-usbhid.c +++ b/usr.bin/ssh/sk-usbhid.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sk-usbhid.c,v 1.38 2022/02/07 01:25:12 djm Exp $ */ +/* $OpenBSD: sk-usbhid.c,v 1.39 2022/04/29 03:16:48 dtucker Exp $ */ /* * Copyright (c) 2019 Markus Friedl * Copyright (c) 2020 Pedro Martelletto @@ -1273,6 +1273,7 @@ sk_load_resident_keys(const char *pin, struct sk_option **options, freezero(rks[i]->user_id, rks[i]->user_id_len); freezero(rks[i], sizeof(*rks[i])); } + free(device); free(rks); return ret; } diff --git a/usr.bin/ssh/ssh-sk-helper.c b/usr.bin/ssh/ssh-sk-helper.c index 8b40d1d5c7c..4627866bf99 100644 --- a/usr.bin/ssh/ssh-sk-helper.c +++ b/usr.bin/ssh/ssh-sk-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk-helper.c,v 1.12 2021/10/28 02:54:18 djm Exp $ */ +/* $OpenBSD: ssh-sk-helper.c,v 1.13 2022/04/29 03:16:48 dtucker Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -262,6 +262,7 @@ process_load_resident(struct sshbuf *req) sshsk_free_resident_keys(srks, nsrks); sshbuf_free(kbuf); free(provider); + free(device); if (pin != NULL) freezero(pin, strlen(pin)); return resp; -- 2.20.1