memory leak in callback_sshauth_publickey_default in libnetconf

[parkrish]

Hi,

I'm seeing couple of issues with regard to password based authentication in libnetconf. Can these issues be fixed ? Thanks in advance.

1. Memory leak in callback_sshauth_publickey_default We are allocating memory at line 162, but are returning NULL at some places on error without freeing the memory. buf = malloc (buflen * sizeof(char)); if (buf == NULL) { ERROR("Memory allocation failed (%s:%d - %s).", FILE, LINE, strerror(errno)); return (NULL); } if ((tty = fopen("/dev/tty", "r+")) == NULL) { ERROR("Unable to open the current terminal (%s:%d - %s).", FILE, LINE, strerror(errno)); return (NULL); } if (tcgetattr(fileno(tty), &oldterm) != 0) { ERROR("Unable to get terminal settings (%d: %s).", LINE, strerror(errno)); return (NULL); }

2. nc_session_connect_libssh_socket doesn't handle the NULL returned by callback_sshauth_publickey_default In ssh.c line 297, we don't do NULL check and start using returned value , resulting in a crash in libssh eventually. s = callbacks.sshauth_password(username, host); while ((ret_auth = ssh_userauth_password(retval->ssh_sess, username, s)) == SSH_AUTH_AGAIN) {

Best regards, Parameswaran