knownhost_add: Avoid dereferencing uninitialized memory on error path.

In function knownhost_add, memory is alocated for a new entry. If normal alocation is used, memory is not initialized to 0 right after, but a check is done to verify if correct key type is passed. This test is done BEFORE setting the memory to null, and on the error path function free_host() is called, that tries to dereference unititialized memory, resulting into a glibc abort(). * knownhost.c - knownhost_add(): - move typemask check before alloc
2011-11-11 14:54:57 +01:00 · 2011-11-11 14:54:57 +01:00 · 378311fe5b
commit 378311fe5b
parent 139278b79f
1 changed files with 7 additions and 10 deletions
--- a/src/knownhost.c
+++ b/src/knownhost.c
@ -131,25 +131,22 @@ knownhost_add(LIBSSH2_KNOWNHOSTS *hosts,
              const char *comment, size_t commentlen,
              int typemask, struct libssh2_knownhost **store)
 {
-    struct known_host *entry =
-        LIBSSH2_ALLOC(hosts->session, sizeof(struct known_host));
+    struct known_host *entry;
    size_t hostlen = strlen(host);
    int rc;
    char *ptr;
    unsigned int ptrlen;

-    if(!entry)
+    /* make sure we have a key type set */
+    if(!(typemask & LIBSSH2_KNOWNHOST_KEY_MASK))
+        return _libssh2_error(hosts->session, LIBSSH2_ERROR_INVAL,
+                              "No key type set");
+
+    if(!(entry = LIBSSH2_ALLOC(hosts->session, sizeof(struct known_host))))
        return _libssh2_error(hosts->session, LIBSSH2_ERROR_ALLOC,
                              "Unable to allocate memory for known host "
                              "entry");

-    /* make sure we have a key type set */
-    if(!(typemask & LIBSSH2_KNOWNHOST_KEY_MASK)) {
-        rc = _libssh2_error(hosts->session, LIBSSH2_ERROR_INVAL,
-                            "No key type set");
-        goto error;
-    }
-
    memset(entry, 0, sizeof(struct known_host));

    entry->typemask = typemask;