- markus@cvs.openbsd.org 2011/09/11 16:07:26

     [sftp-client.c]
     fix leaks in do_hardlink() and do_readlink(); bz#1921
     from Loganaden Velvindron

2 files changed, 10 insertions, 5 deletions

diff --git a/ChangeLog b/ChangeLog
index f4baa4eb..a8846d47 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -63,6 +63,10 @@
    - okan@cvs.openbsd.org 2011/09/11 06:59:05
      [ssh.1]
      document new -O cancel command; ok djm@
+   - markus@cvs.openbsd.org 2011/09/11 16:07:26
+     [sftp-client.c]
+     fix leaks in do_hardlink() and do_readlink(); bz#1921
+     from Loganaden Velvindron
 
 20110909
  - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng.  From
diff --git a/sftp-client.c b/sftp-client.c
index caa384b4..b6d40214 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.c,v 1.94 2010/12/04 00:18:01 djm Exp $ */
+/* $OpenBSD: sftp-client.c,v 1.95 2011/09/11 16:07:26 markus Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -805,15 +805,15 @@ do_hardlink(struct sftp_conn *conn, char *oldpath, char *newpath)
 	Buffer msg;
 	u_int status, id;
 
-	buffer_init(&msg);
-
-	/* Send link request */
-	id = conn->msg_id++;
 	if ((conn->exts & SFTP_EXT_HARDLINK) == 0) {
 		error("Server does not support hardlink@openssh.com extension");
 		return -1;
 	}
 
+	buffer_init(&msg);
+
+	/* Send link request */
+	id = conn->msg_id++;
 	buffer_put_char(&msg, SSH2_FXP_EXTENDED);
 	buffer_put_int(&msg, id);
 	buffer_put_cstring(&msg, "hardlink@openssh.com");
@@ -889,6 +889,7 @@ do_readlink(struct sftp_conn *conn, char *path)
 		u_int status = buffer_get_int(&msg);
 
 		error("Couldn't readlink: %s", fx2txt(status));
+		buffer_free(&msg);
 		return(NULL);
 	} else if (type != SSH2_FXP_NAME)
 		fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",