Memory management fixes. Fixed a segfault in SSH1 compression

cleanup noticed by Gerhard Wiesinger, and also fixed some memory
leaks spotted by valgrind while debugging same.

git-svn-id: svn://svn.tartarus.org/sgt/putty@3726 cda61777-01e9-0310-a592-d414129be87e

diff --git a/ssh.c b/ssh.c
index 61786b1..22a0b45 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -2767,6 +2767,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt)
                    if (s->authed)
                        break;
                }
+               sfree(s->response);
            }
            if (s->authed)
                break;
@@ -4922,6 +4923,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
                    if (s->authed)
                        continue;
                }
+               sfree(s->response);
            }
 
            if (!s->method && s->can_pubkey && s->publickey_blob
@@ -6264,10 +6266,18 @@ static void ssh_free(void *handle)
        ssh->csmac->free_context(ssh->cs_mac_ctx);
     if (ssh->sc_mac_ctx)
        ssh->scmac->free_context(ssh->sc_mac_ctx);
-    if (ssh->cs_comp_ctx)
-       ssh->cscomp->compress_cleanup(ssh->cs_comp_ctx);
-    if (ssh->sc_comp_ctx)
-       ssh->sccomp->compress_cleanup(ssh->sc_comp_ctx);
+    if (ssh->cs_comp_ctx) {
+       if (ssh->cscomp)
+           ssh->cscomp->compress_cleanup(ssh->cs_comp_ctx);
+       else
+           zlib_compress_cleanup(ssh->cs_comp_ctx);
+    }
+    if (ssh->sc_comp_ctx) {
+       if (ssh->sccomp)
+           ssh->sccomp->decompress_cleanup(ssh->sc_comp_ctx);
+       else
+           zlib_decompress_cleanup(ssh->sc_comp_ctx);
+    }
     if (ssh->kex_ctx)
        dh_cleanup(ssh->kex_ctx);
     sfree(ssh->savedhost);

diff --git a/sshzlib.c b/sshzlib.c
index 91f5537..4e70d28 100644 (file)
--- a/sshzlib.c
+++ b/sshzlib.c
@@ -602,6 +602,8 @@ void zlib_compress_cleanup(void *handle)
 {
     struct LZ77Context *ectx = (struct LZ77Context *)handle;
     sfree(ectx->userdata);
+    sfree(ectx->ictx);
+    sfree(ectx);
 }
 
 /*
@@ -963,13 +965,15 @@ void *zlib_decompress_init(void)
 void zlib_decompress_cleanup(void *handle)
 {
     struct zlib_decompress_ctx *dctx = (struct zlib_decompress_ctx *)handle;
-    
+
     if (dctx->currlentable && dctx->currlentable != dctx->staticlentable)
        zlib_freetable(&dctx->currlentable);
     if (dctx->currdisttable && dctx->currdisttable != dctx->staticdisttable)
        zlib_freetable(&dctx->currdisttable);
     if (dctx->lenlentable)
        zlib_freetable(&dctx->lenlentable);
+    zlib_freetable(&dctx->staticlentable);
+    zlib_freetable(&dctx->staticdisttable);
     sfree(dctx);
 }