| From 8e21b1a05f3c0ee098dbcb6c3d84cb61f102a122 Mon Sep 17 00:00:00 2001 |
| From: Daniel Stenberg <daniel@haxx.se> |
| Date: Mon, 8 May 2023 14:33:54 +0200 |
| Subject: [PATCH] libssh2: free fingerprint better |
| |
| Reported-by: Wei Chong Tan |
| Closes #11088 |
| |
| CVE: CVE-2023-28319 |
| Upstream-Status: Backport [https://github.com/curl/curl/commit/8e21b1a05f3c0ee098dbcb6c] |
| Comments: Hunks Refreshed |
| Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com> |
| --- |
| lib/vssh/libssh2.c | 3 +-- |
| 1 file changed, 1 insertion(+), 2 deletions(-) |
| |
| diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c |
| index bfcc94e160178..dd39a844c646b 100644 |
| --- a/lib/vssh/libssh2.c |
| +++ b/lib/vssh/libssh2.c |
| @@ -695,11 +695,10 @@ |
| */ |
| if((pub_pos != b64_pos) || |
| Curl_strncasecompare(fingerprint_b64, pubkey_sha256, pub_pos) != 1) { |
| - free(fingerprint_b64); |
| - |
| failf(data, |
| "Denied establishing ssh session: mismatch sha256 fingerprint. " |
| "Remote %s is not equal to %s", fingerprint_b64, pubkey_sha256); |
| + free(fingerprint_b64); |
| state(data, SSH_SESSION_FREE); |
| sshc->actualcode = CURLE_PEER_FAILED_VERIFICATION; |
| return sshc->actualcode; |
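Review bot: The check guarding this branch, `Curl_strncasecompare(fingerprint_b64, pubkey_sha256, pub_pos) != 1`, compares case-insensitively, but base64 is case-sensitive, so a fingerprint that differs from the pinned value only in letter case would pass; the commit leaves this untouched. A byte-exact test such as `strncmp(fingerprint_b64, pubkey_sha256, pub_pos) != 0` would make the SHA-256 pin as strict as the encoding allows, presuming no caller relies on the looser match. On the reordered lines, a one-line comment such as `/* failf() above still reads fingerprint_b64; free only after logging */` would help stop a later edit from reintroducing the use-after-free. The enclosing function starts and ends outside the hunk, so how pub_pos and b64_pos are derived cannot be checked from here.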