- (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c

   groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c
   sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c
   openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c
   openbsd-compat/port-linux.c] Replace portable-specific instances of xfree
   with the equivalent calls to free.

18 files changed, 66 insertions, 74 deletions

diff --git a/ChangeLog b/ChangeLog
index c64a4046..7f4323e0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -48,6 +48,12 @@
      [scp.c sftp-client.c]
      Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is.  Patch
      from Nathan Osman via bz#2085.  ok deraadt.
+ - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c
+   groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c
+   sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c
+   openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c
+   openbsd-compat/port-linux.c] Replace portable-specific instances of xfree
+   with the equivalent calls to free.
 
 20130529
   - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null
diff --git a/auth-chall.c b/auth-chall.c
index bfc51eae..0005aa88 100644
--- a/auth-chall.c
+++ b/auth-chall.c
@@ -102,11 +102,11 @@ verify_response(Authctxt *authctxt, const char *response)
 			authenticated = 1;
 
 		for (i = 0; i < numprompts; i++)
-			xfree(prompts[i]);
-		xfree(prompts);
-		xfree(name);
-		xfree(echo_on);
-		xfree(info);
+			free(prompts[i]);
+		free(prompts);
+		free(name);
+		free(echo_on);
+		free(info);
 		break;
 	}
 	device->free_ctx(authctxt->kbdintctxt);
diff --git a/auth-krb5.c b/auth-krb5.c
index 922c66c6..ff1462ad 100644
--- a/auth-krb5.c
+++ b/auth-krb5.c
@@ -181,8 +181,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
  out:
 	restore_uid();
 	
-	if (platform_client != NULL)
-		xfree(platform_client);
+	free(platform_client);
 
 	if (problem) {
 		if (ccache)
diff --git a/auth-pam.c b/auth-pam.c
index 675006e6..d51318b3 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -412,10 +412,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg,
 
  fail:
 	for(i = 0; i < n; i++) {
-		if (reply[i].resp != NULL)
-			xfree(reply[i].resp);
+		free(reply[i].resp);
 	}
-	xfree(reply);
+	free(reply);
 	buffer_free(&buffer);
 	return (PAM_CONV_ERR);
 }
@@ -586,10 +585,9 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg,
 
  fail:
 	for(i = 0; i < n; i++) {
-		if (reply[i].resp != NULL)
-			xfree(reply[i].resp);
+		free(reply[i].resp);
 	}
-	xfree(reply);
+	free(reply);
 	return (PAM_CONV_ERR);
 }
 
@@ -693,7 +691,7 @@ sshpam_init_ctx(Authctxt *authctxt)
 	/* Start the authentication thread */
 	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) {
 		error("PAM: failed create sockets: %s", strerror(errno));
-		xfree(ctxt);
+		free(ctxt);
 		return (NULL);
 	}
 	ctxt->pam_psock = socks[0];
@@ -703,7 +701,7 @@ sshpam_init_ctx(Authctxt *authctxt)
 		    strerror(errno));
 		close(socks[0]);
 		close(socks[1]);
-		xfree(ctxt);
+		free(ctxt);
 		return (NULL);
 	}
 	cleanup_ctxt = ctxt;
@@ -742,7 +740,7 @@ sshpam_query(void *ctx, char **name, char **info,
 			strlcpy(**prompts + plen, msg, len - plen);
 			plen += mlen;
 			**echo_on = (type == PAM_PROMPT_ECHO_ON);
-			xfree(msg);
+			free(msg);
 			return (0);
 		case PAM_ERROR_MSG:
 		case PAM_TEXT_INFO:
@@ -753,7 +751,7 @@ sshpam_query(void *ctx, char **name, char **info,
 			plen += mlen;
 			strlcat(**prompts + plen, "\n", len - plen);
 			plen++;
-			xfree(msg);
+			free(msg);
 			break;
 		case PAM_ACCT_EXPIRED:
 			sshpam_account_status = 0;
@@ -766,7 +764,7 @@ sshpam_query(void *ctx, char **name, char **info,
 				*num = 0;
 				**echo_on = 0;
 				ctxt->pam_done = -1;
-				xfree(msg);
+				free(msg);
 				return 0;
 			}
 			/* FALLTHROUGH */
@@ -776,7 +774,7 @@ sshpam_query(void *ctx, char **name, char **info,
 				debug("PAM: %s", **prompts);
 				buffer_append(&loginmsg, **prompts,
 				    strlen(**prompts));
-				xfree(**prompts);
+				free(**prompts);
 				**prompts = NULL;
 			}
 			if (type == PAM_SUCCESS) {
@@ -790,7 +788,7 @@ sshpam_query(void *ctx, char **name, char **info,
 				*num = 0;
 				**echo_on = 0;
 				ctxt->pam_done = 1;
-				xfree(msg);
+				free(msg);
 				return (0);
 			}
 			error("PAM: %s for %s%.100s from %.100s", msg,
@@ -801,7 +799,7 @@ sshpam_query(void *ctx, char **name, char **info,
 		default:
 			*num = 0;
 			**echo_on = 0;
-			xfree(msg);
+			free(msg);
 			ctxt->pam_done = -1;
 			return (-1);
 		}
@@ -852,7 +850,7 @@ sshpam_free_ctx(void *ctxtp)
 
 	debug3("PAM: %s entering", __func__);
 	sshpam_thread_cleanup();
-	xfree(ctxt);
+	free(ctxt);
 	/*
 	 * We don't call sshpam_cleanup() here because we may need the PAM
 	 * handle at a later stage, e.g. when setting up a session.  It's
@@ -1006,10 +1004,9 @@ sshpam_tty_conv(int n, sshpam_const struct pam_message **msg,
 
  fail:
 	for(i = 0; i < n; i++) {
-		if (reply[i].resp != NULL)
-			xfree(reply[i].resp);
+		free(reply[i].resp);
 	}
-	xfree(reply);
+	free(reply);
 	return (PAM_CONV_ERR);
 }
 
@@ -1081,7 +1078,7 @@ do_pam_putenv(char *name, char *value)
 
 	snprintf(compound, len, "%s=%s", name, value);
 	ret = pam_putenv(sshpam_handle, compound);
-	xfree(compound);
+	free(compound);
 #endif
 
 	return (ret);
@@ -1108,8 +1105,8 @@ free_pam_environment(char **env)
 		return;
 
 	for (envp = env; *envp; envp++)
-		xfree(*envp);
-	xfree(env);
+		free(*envp);
+	free(env);
 }
 
 /*
@@ -1165,10 +1162,9 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg,
 
  fail:
 	for(i = 0; i < n; i++) {
-		if (reply[i].resp != NULL)
-			xfree(reply[i].resp);
+		free(reply[i].resp);
 	}
-	xfree(reply);
+	free(reply);
 	return (PAM_CONV_ERR);
 }
 
diff --git a/cipher-aes.c b/cipher-aes.c
index 07ec7aa5..8b101727 100644
--- a/cipher-aes.c
+++ b/cipher-aes.c
@@ -120,7 +120,7 @@ ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx)
 
 	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
 		memset(c, 0, sizeof(*c));
-		xfree(c);
+		free(c);
 		EVP_CIPHER_CTX_set_app_data(ctx, NULL);
 	}
 	return (1);
diff --git a/cipher-ctr.c b/cipher-ctr.c
index d1fe69f5..ea0f9b3b 100644
--- a/cipher-ctr.c
+++ b/cipher-ctr.c
@@ -104,7 +104,7 @@ ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx)
 
 	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
 		memset(c, 0, sizeof(*c));
-		xfree(c);
+		free(c);
 		EVP_CIPHER_CTX_set_app_data(ctx, NULL);
 	}
 	return (1);
diff --git a/groupaccess.c b/groupaccess.c
index 020deace..1eab10b1 100644
--- a/groupaccess.c
+++ b/groupaccess.c
@@ -69,7 +69,7 @@ ga_init(const char *user, gid_t base)
 	for (i = 0, j = 0; i < ngroups; i++)
 		if ((gr = getgrgid(groups_bygid[i])) != NULL)
 			groups_byname[j++] = xstrdup(gr->gr_name);
-	xfree(groups_bygid);
+	free(groups_bygid);
 	return (ngroups = j);
 }
 
@@ -125,6 +125,6 @@ ga_free(void)
 		for (i = 0; i < ngroups; i++)
 			free(groups_byname[i]);
 		ngroups = 0;
-		xfree(groups_byname);
+		free(groups_byname);
 	}
 }
diff --git a/loginrec.c b/loginrec.c
index f9662fa5..59e8a44e 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -347,7 +347,7 @@ logininfo *login_alloc_entry(pid_t pid, const char *username,
 void
 login_free_entry(struct logininfo *li)
 {
-	xfree(li);
+	free(li);
 }
 
 
diff --git a/monitor.c b/monitor.c
index 6acb2025..7286126f 100644
--- a/monitor.c
+++ b/monitor.c
@@ -988,7 +988,7 @@ mm_answer_skeyrespond(int sock, Buffer *m)
 	    skey_haskey(authctxt->pw->pw_name) == 0 &&
 	    skey_passcheck(authctxt->pw->pw_name, response) != -1);
 
-	xfree(response);
+	free(response);
 
 	buffer_clear(m);
 	buffer_put_int(m, authok);
@@ -1073,19 +1073,17 @@ mm_answer_pam_query(int sock, Buffer *m)
 	buffer_clear(m);
 	buffer_put_int(m, ret);
 	buffer_put_cstring(m, name);
-	xfree(name);
+	free(name);
 	buffer_put_cstring(m, info);
-	xfree(info);
+	free(info);
 	buffer_put_int(m, num);
 	for (i = 0; i < num; ++i) {
 		buffer_put_cstring(m, prompts[i]);
-		xfree(prompts[i]);
+		free(prompts[i]);
 		buffer_put_int(m, echo_on[i]);
 	}
-	if (prompts != NULL)
-		xfree(prompts);
-	if (echo_on != NULL)
-		xfree(echo_on);
+	free(prompts);
+	free(echo_on);
 	auth_method = "keyboard-interactive";
 	auth_submethod = "pam";
 	mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m);
@@ -1108,8 +1106,8 @@ mm_answer_pam_respond(int sock, Buffer *m)
 			resp[i] = buffer_get_string(m, NULL);
 		ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);
 		for (i = 0; i < num; ++i)
-			xfree(resp[i]);
-		xfree(resp);
+			free(resp[i]);
+		free(resp);
 	} else {
 		ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL);
 	}
@@ -1764,7 +1762,7 @@ mm_answer_audit_command(int socket, Buffer *m)
 	cmd = buffer_get_string(m, &len);
 	/* sanity check command, if so how? */
 	audit_run_command(cmd);
-	xfree(cmd);
+	free(cmd);
 	return (0);
 }
 #endif /* SSH_AUDIT_EVENTS */
diff --git a/monitor_wrap.c b/monitor_wrap.c
index b1870fcb..88ff6833 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -805,7 +805,7 @@ mm_do_pam_account(void)
 	ret = buffer_get_int(&m);
 	msg = buffer_get_string(&m, NULL);
 	buffer_append(&loginmsg, msg, strlen(msg));
-	xfree(msg);
+	free(msg);
 
 	buffer_free(&m);
 
@@ -1035,7 +1035,7 @@ mm_skey_query(void *ctx, char **name, char **infotxt,
 	mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
 
 	xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
-	xfree(challenge);
+	free(challenge);
 
 	return (0);
 }
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index d3d2d913..267e77a1 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -97,7 +97,7 @@ fetch_windows_environment(void)
 void
 free_windows_environment(char **p)
 {
-	xfree(p);
+	free(p);
 }
 
 #endif /* HAVE_CYGWIN */
diff --git a/openbsd-compat/getrrsetbyname-ldns.c b/openbsd-compat/getrrsetbyname-ldns.c
index 19666346..343720f1 100644
--- a/openbsd-compat/getrrsetbyname-ldns.c
+++ b/openbsd-compat/getrrsetbyname-ldns.c
@@ -58,7 +58,6 @@
 
 #define malloc(x)	(xmalloc(x))
 #define calloc(x, y)	(xcalloc((x),(y)))
-#define free(x)		(xfree(x))
 
 int
 getrrsetbyname(const char *hostname, unsigned int rdclass,
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index 0bdefbf6..8da367d4 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -86,7 +86,7 @@ aix_usrinfo(struct passwd *pw)
 		fatal("Couldn't set usrinfo: %s", strerror(errno));
 	debug3("AIX/UsrInfo: set len %d", i);
 
-	xfree(cp);
+	free(cp);
 }
 
 # ifdef WITH_AIXAUTHENTICATE
@@ -215,16 +215,14 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
 		default: /* user can't change(2) or other error (-1) */
 			logit("Password can't be changed for user %s: %.100s",
 			    name, msg);
-			if (msg)
-				xfree(msg);
+			free(msg);
 			authsuccess = 0;
 		}
 
 		aix_restoreauthdb();
 	}
 
-	if (authmsg != NULL)
-		xfree(authmsg);
+	free(authmsg);
 
 	return authsuccess;
 }
@@ -269,7 +267,7 @@ sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg)
 
 	if (!permitted)
 		logit("Login restricted for %s: %.100s", pw->pw_name, msg);
-	xfree(msg);
+	free(msg);
 	return permitted;
 }
 
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index aba75387..4637a7a3 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
-/* $Id: port-linux.c,v 1.17 2012/03/08 23:25:18 djm Exp $ */
+/* $Id: port-linux.c,v 1.18 2013/06/01 22:07:32 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -96,10 +96,8 @@ ssh_selinux_getctxbyname(char *pwname)
 	}
 
 #ifdef HAVE_GETSEUSERBYNAME
-	if (sename != NULL)
-		xfree(sename);
-	if (lvl != NULL)
-		xfree(lvl);
+	free(sename);
+	free(lvl);
 #endif
 
 	return sc;
@@ -217,8 +215,8 @@ ssh_selinux_change_context(const char *newname)
 	if (setcon(newctx) < 0)
 		switchlog("%s: setcon %s from %s failed with %s", __func__,
 		    newctx, oldctx, strerror(errno));
-	xfree(oldctx);
-	xfree(newctx);
+	free(oldctx);
+	free(newctx);
 }
 
 void
diff --git a/session.c b/session.c
index f47cc178..1424825c 100644
--- a/session.c
+++ b/session.c
@@ -1092,8 +1092,8 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
 			umask((mode_t)mask);
 
 	for (i = 0; tmpenv[i] != NULL; i++)
-		xfree(tmpenv[i]);
-	xfree(tmpenv);
+		free(tmpenv[i]);
+	free(tmpenv);
 }
 #endif /* HAVE_ETC_DEFAULT_LOGIN */
 
@@ -1109,7 +1109,7 @@ copy_environment(char **source, char ***env, u_int *envsize)
 	for(i = 0; source[i] != NULL; i++) {
 		var_name = xstrdup(source[i]);
 		if ((var_val = strstr(var_name, "=")) == NULL) {
-			xfree(var_name);
+			free(var_name);
 			continue;
 		}
 		*var_val++ = '\0';
@@ -1117,7 +1117,7 @@ copy_environment(char **source, char ***env, u_int *envsize)
 		debug3("Copy environment: %s=%s", var_name, var_val);
 		child_set_env(env, envsize, var_name, var_val);
 
-		xfree(var_name);
+		free(var_name);
 	}
 }
 
diff --git a/sshd.c b/sshd.c
index 069e95ff..c0ba420a 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1616,7 +1616,7 @@ main(int ac, char **av)
 	} else {
 		memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
 		privsep_pw = pwcopy(privsep_pw);
-		xfree(privsep_pw->pw_passwd);
+		free(privsep_pw->pw_passwd);
 		privsep_pw->pw_passwd = xstrdup("*");
 	}
 	endpwent();
diff --git a/sshlogin.c b/sshlogin.c
index 54629f74..2688d8d7 100644
--- a/sshlogin.c
+++ b/sshlogin.c
@@ -97,7 +97,7 @@ store_lastlog_message(const char *user, uid_t uid)
 	time_string = sys_auth_get_lastlogin_msg(user, uid);
 	if (time_string != NULL) {
 		buffer_append(&loginmsg, time_string, strlen(time_string));
-		xfree(time_string);
+		free(time_string);
 	}
 # else
 	last_login_time = get_last_login_time(uid, user, hostname,
diff --git a/uidswap.c b/uidswap.c
index cdd7309e..26d17f93 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -90,8 +90,7 @@ temporarily_use_uid(struct passwd *pw)
 		if (getgroups(saved_egroupslen, saved_egroups) < 0)
 			fatal("getgroups: %.100s", strerror(errno));
 	} else { /* saved_egroupslen == 0 */
-		if (saved_egroups != NULL)
-			xfree(saved_egroups);
+		free(saved_egroups);
 	}
 
 	/* set and save the user's groups */
@@ -109,8 +108,7 @@ temporarily_use_uid(struct passwd *pw)
 			if (getgroups(user_groupslen, user_groups) < 0)
 				fatal("getgroups: %.100s", strerror(errno));
 		} else { /* user_groupslen == 0 */
-			if (user_groups)
-				xfree(user_groups);
+			free(user_groups);
 		}
 	}
 	/* Set the effective uid to the given (unprivileged) uid. */