- miod@cvs.openbsd.org 2012/01/08 13:17:11

[ssh-ecdsa.c]
     Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
     ok markus@

ChangeLog

@@ -6,6 +6,10 @@
    - djm@cvs.openbsd.org 2012/01/07 21:11:36
      [mux.c]
      fix double-free in new session handler
+   - miod@cvs.openbsd.org 2012/01/08 13:17:11
+     [ssh-ecdsa.c]
+     Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
+     ok markus@
 
 20120206
  - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms

ssh-ecdsa.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ecdsa.c,v 1.4 2010/09/10 01:04:10 djm Exp $ */
+/* $OpenBSD: ssh-ecdsa.c,v 1.5 2012/01/08 13:17:11 miod Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -145,6 +145,7 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 	buffer_get_bignum2(&bb, sig->s);
 	if (buffer_len(&bb) != 0)
 		fatal("%s: remaining bytes in inner sigblob", __func__);
+	buffer_free(&bb);
 
 	/* clean up */
 	memset(sigblob, 0, len);