From b3de815940dabbf3ecbff1486957fbeafab01092 Mon Sep 17 00:00:00 2001 From: Konstantin Demin Date: Tue, 16 Oct 2018 16:31:39 +0300 Subject: [PATCH] dropbear: avoid leak of pubkey_options cherry-pick upstream commit e9edbe8bb204b00c7f4b4fda7eeee9d0177934ae Signed-off-by: Konstantin Demin --- .../008-avoid-leak-of-pubkey_options.patch | 22 +++++++++++++++++++ .../dropbear/patches/100-pubkey_path.patch | 4 ++-- 2 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 package/network/services/dropbear/patches/008-avoid-leak-of-pubkey_options.patch diff --git a/package/network/services/dropbear/patches/008-avoid-leak-of-pubkey_options.patch b/package/network/services/dropbear/patches/008-avoid-leak-of-pubkey_options.patch new file mode 100644 index 0000000000..af3e5ab2b0 --- /dev/null +++ b/package/network/services/dropbear/patches/008-avoid-leak-of-pubkey_options.patch @@ -0,0 +1,22 @@ +--- a/svr-authpubkey.c ++++ b/svr-authpubkey.c +@@ -167,6 +167,9 @@ out: + sign_key_free(key); + key = NULL; + } ++ if (!ses.authstate.authdone) { ++ svr_pubkey_options_cleanup(); ++ } + TRACE(("leave pubkeyauth")) + } + +--- a/svr-authpubkeyoptions.c ++++ b/svr-authpubkeyoptions.c +@@ -113,7 +113,6 @@ void svr_pubkey_options_cleanup() { + m_free(ses.authstate.pubkey_options->forced_command); + } + m_free(ses.authstate.pubkey_options); +- ses.authstate.pubkey_options = NULL; + } + } + diff --git a/package/network/services/dropbear/patches/100-pubkey_path.patch b/package/network/services/dropbear/patches/100-pubkey_path.patch index 019d390309..280606be03 100644 --- a/package/network/services/dropbear/patches/100-pubkey_path.patch +++ b/package/network/services/dropbear/patches/100-pubkey_path.patch @@ -1,6 +1,6 @@ --- a/svr-authpubkey.c +++ b/svr-authpubkey.c -@@ -324,14 +324,20 @@ static int checkpubkey(const char* algo, +@@ -327,14 +327,20 @@ static int checkpubkey(const char* algo, goto out; } @@ -29,7 +29,7 @@ /* open the file as the authenticating user. */ origuid = getuid(); -@@ -408,26 +414,35 @@ static int checkpubkeyperms() { +@@ -411,26 +417,35 @@ static int checkpubkeyperms() { goto out; } -- 2.30.2