SSHD/Echoserver: Fix memory leaks and public-key lookup#1071
Conversation
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #1071
Scan targets checked: wolfssh-bugs, wolfssh-src
Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
a4fa57f to
a3e4a11
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #1071
Scan targets checked: wolfssh-bugs, wolfssh-src
Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
a3e4a11 to
164dc44
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #1071
Scan targets checked: wolfssh-bugs, wolfssh-src
No new issues found in the changed files. ✅
164dc44 to
7958c10
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #1071
Scan targets checked: wolfssh-bugs, wolfssh-src
No new issues found in the changed files. ✅
aidangarske
left a comment
There was a problem hiding this comment.
🐺 Skoll Code Review
Overall recommendation: COMMENT
Findings: 3 total — 3 posted, 0 skipped
Posted findings
- [Medium] Privilege-separation permission behavior lacks regression tests —
apps/wolfsshd/auth.c:1853-1961 - [Medium] Multiple public-key lookup fix has no regression coverage —
examples/echoserver/echoserver.c:2677-2727 - [Low] New bare scope block violates local C convention —
apps/wolfsshd/auth.c:1952-1974
Review generated by Skoll.
7958c10 to
7337100
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #1071
Scan targets checked: wolfssh-bugs, wolfssh-src
No new issues found in the changed files. ✅
Fixed: Memory leaks, multiple public-key lookups per user in the echoserver, and authentication privilege errors.
promptData.promptsandpromptData.promptLengthson allocation failure pathways.wsUserAuthin echoserver.c to traverse allregistered public keys for a matching user name instead of immediately returning an invalid
key error on the first hash mismatch.
keyLoadBufunderWOLFSSH_SMALL_STACKconfigurations for all early exit paths insideechoserver_test.