Const-correctness of name fields in struct ssh_*.

All the name strings in ssh_cipher, ssh_mac, ssh_hash, ssh_signkey
point to compile-time string literals, hence should obviously be const
char *.

Most of these const-correctness patches are just a mechanical job of
adding a 'const' in the one place you need it right now, and then
chasing the implications through the code adding further consts until
it compiles. But this one has actually shown up a bug: the 'algorithm'
output parameter in ssh2_userkey_loadpub was sometimes returning a
pointer to a string literal, and sometimes a pointer to dynamically
allocated memory, so callers were forced to either sometimes leak
memory or sometimes free a bad thing. Now it's consistently
dynamically allocated, and should be freed everywhere too.

diff --git a/cmdgen.c b/cmdgen.c
index df3fd9af57ba69aa48a8140012690f1933c385f8..3d51347b6a3ec113550a23664a56454827e5322f 100644 (file)
--- a/cmdgen.c
+++ b/cmdgen.c
@@ -790,6 +790,7 @@ int main(int argc, char **argv)
                     else
                         bits = -1;
                 }
+                sfree(ssh2alg);
            } else {
                ssh2key = ssh2_load_userkey(infilename, passphrase, &error);
            }

diff --git a/macosx/osxdlg.m b/macosx/osxdlg.m
index 295b675520d790c08a1b6afc81115016758b228a..0940781963739b638a50b6fa3831b7f78f47101b 100644 (file)
--- a/macosx/osxdlg.m
+++ b/macosx/osxdlg.m
@@ -410,8 +410,8 @@ static void verify_ssh_host_key_callback(void *ctx, int result)
     sfree(state);
 }
 
-int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
-                        char *keystr, char *fingerprint,
+int verify_ssh_host_key(void *frontend, char *host, int port,
+                        const char *keytype, char *keystr, char *fingerprint,
                         void (*callback)(void *ctx, int result), void *ctx)
 {
     static const char absenttxt[] =

diff --git a/putty.h b/putty.h
index 6351a78f44f18e07f0e7f1f1ff89c9540f3aeec8..60a0b9fca3a2fe2394f57b532645d69ba13a4f56 100644 (file)
--- a/putty.h
+++ b/putty.h
@@ -1193,8 +1193,8 @@ void pgp_fingerprints(void);
  *    back via the provided function with a result that's either 0
  *    or +1'.
  */
-int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
-                        char *keystr, char *fingerprint,
+int verify_ssh_host_key(void *frontend, char *host, int port,
+                        const char *keytype, char *keystr, char *fingerprint,
                         void (*callback)(void *ctx, int result), void *ctx);
 /*
  * askalg has the same set of return values as verify_ssh_host_key.

diff --git a/ssh.c b/ssh.c
index 0f4712d89360e622c2a012c09b23148e00323931..db820050c0ba9be5e2d20ad21ff4941e85d5a9e0 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -10275,6 +10275,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
 
     /* Clear up various bits and pieces from authentication. */
     if (s->publickey_blob) {
+       sfree(s->publickey_algorithm);
        sfree(s->publickey_blob);
        sfree(s->publickey_comment);
     }

diff --git a/ssh.h b/ssh.h
index 272bc8b94c090a0812b670a9c7e4062a66c2d249..ffa886654ec46846911e725c19e346f5d8d8f13a 100644 (file)
--- a/ssh.h
+++ b/ssh.h
@@ -293,7 +293,7 @@ struct ssh_cipher {
     void (*encrypt) (void *, unsigned char *blk, int len);
     void (*decrypt) (void *, unsigned char *blk, int len);
     int blksize;
-    char *text_name;
+    const char *text_name;
 };
 
 struct ssh2_cipher {
@@ -308,7 +308,7 @@ struct ssh2_cipher {
     int keylen;
     unsigned int flags;
 #define SSH_CIPHER_IS_CBC      1
-    char *text_name;
+    const char *text_name;
 };
 
 struct ssh2_ciphers {
@@ -328,9 +328,9 @@ struct ssh_mac {
     void (*bytes) (void *, unsigned char const *, int);
     void (*genresult) (void *, unsigned char *);
     int (*verresult) (void *, unsigned char const *);
-    char *name, *etm_name;
+    const char *name, *etm_name;
     int len;
-    char *text_name;
+    const char *text_name;
 };
 
 struct ssh_hash {
@@ -338,7 +338,7 @@ struct ssh_hash {
     void (*bytes)(void *, const void *, int);
     void (*final)(void *, unsigned char *); /* also frees context */
     int hlen; /* output length in bytes */
-    char *text_name;
+    const char *text_name;
 };   
 
 struct ssh_kex {
@@ -379,8 +379,8 @@ struct ssh_signkey {
                      const char *data, int datalen);
     unsigned char *(*sign) (void *key, const char *data, int datalen,
                            int *siglen);
-    char *name;
-    char *keytype;                    /* for host key cache */
+    const char *name;
+    const char *keytype;               /* for host key cache */
 };
 
 struct ssh_compress {
@@ -397,7 +397,7 @@ struct ssh_compress {
     int (*decompress) (void *, unsigned char *block, int len,
                       unsigned char **outblock, int *outlen);
     int (*disable_compression) (void *);
-    char *text_name;
+    const char *text_name;
 };
 
 struct ssh2_userkey {

diff --git a/sshpubk.c b/sshpubk.c
index e5952a0ad29482f1e17a0f23967df5e989449c57..2070fe41dd1605e93fc0bdd6471b4e691dd0ed35 100644 (file)
--- a/sshpubk.c
+++ b/sshpubk.c
@@ -1191,7 +1191,7 @@ unsigned char *ssh2_userkey_loadpub(const Filename *filename, char **algorithm,
     if (pub_blob_len)
        *pub_blob_len = public_blob_len;
     if (algorithm)
-       *algorithm = alg->name;
+       *algorithm = dupstr(alg->name);
     return public_blob;
 
     /*

diff --git a/unix/gtkdlg.c b/unix/gtkdlg.c
index 190619889e16a6a61b37be0767128a8858e022af..8007b75c85265824081f501a15e1bb6052df6a16 100644 (file)
--- a/unix/gtkdlg.c
+++ b/unix/gtkdlg.c
@@ -3257,8 +3257,8 @@ int reallyclose(void *frontend)
     return ret;
 }
 
-int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
-                        char *keystr, char *fingerprint,
+int verify_ssh_host_key(void *frontend, char *host, int port,
+                        const char *keytype, char *keystr, char *fingerprint,
                         void (*callback)(void *ctx, int result), void *ctx)
 {
     static const char absenttxt[] =

diff --git a/unix/uxcons.c b/unix/uxcons.c
index 882d2c9bfe4fa949b704f2ec1a1fc081681c476e..ea6297c4980382c753ceb835bc5b8fcf2f90b0d6 100644 (file)
--- a/unix/uxcons.c
+++ b/unix/uxcons.c
@@ -74,8 +74,8 @@ void timer_change_notify(unsigned long next)
 {
 }
 
-int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
-                        char *keystr, char *fingerprint,
+int verify_ssh_host_key(void *frontend, char *host, int port,
+                        const char *keytype, char *keystr, char *fingerprint,
                         void (*callback)(void *ctx, int result), void *ctx)
 {
     int ret;

diff --git a/windows/wincons.c b/windows/wincons.c
index 508be3f8d522855931d643e9542eca40427bb72d..a470e74457e997ecd30100e1d003fd0c117bebc5 100644 (file)
--- a/windows/wincons.c
+++ b/windows/wincons.c
@@ -45,8 +45,8 @@ void timer_change_notify(unsigned long next)
 {
 }
 
-int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
-                        char *keystr, char *fingerprint,
+int verify_ssh_host_key(void *frontend, char *host, int port,
+                        const char *keytype, char *keystr, char *fingerprint,
                         void (*callback)(void *ctx, int result), void *ctx)
 {
     int ret;

diff --git a/windows/windlg.c b/windows/windlg.c
index aadf88ea5fb68fc096e6f3465e18d5b5529dff32..c6e9c85e555fc60a074a2a4a7b8f933b082e8394 100644 (file)
--- a/windows/windlg.c
+++ b/windows/windlg.c
@@ -745,8 +745,8 @@ void showabout(HWND hwnd)
     DialogBox(hinst, MAKEINTRESOURCE(IDD_ABOUTBOX), hwnd, AboutProc);
 }
 
-int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
-                        char *keystr, char *fingerprint,
+int verify_ssh_host_key(void *frontend, char *host, int port,
+                        const char *keytype, char *keystr, char *fingerprint,
                         void (*callback)(void *ctx, int result), void *ctx)
 {
     int ret;