simon-git: putty (master): Simon Tatham

Commits to Tartarus hosted VCS tartarus-commits at lists.tartarus.org
Tue Jan 14 19:57:33 GMT 2020 

TL;DR:
  12aa06cc Fix double-free in remote->local forwardings.
  02d0990b cgtest: default to deleting temporary key files.

Repository:     https://git.tartarus.org/simon/putty.git
On the web:     https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2020-01-14 19:57:33

commit 12aa06ccc98cf8a912eb2ea54f02d234f2f8c173
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=12aa06ccc98cf8a912eb2ea54f02d234f2f8c173;hp=00065111c97b3891ea4a79ea09d91edef516f21b
Author: Simon Tatham <anakin at pobox.com>
Date:   Tue Jan 14 19:52:54 2020 +0000

    Fix double-free in remote->local forwardings.
    
    This bug applies to both the new stream-based agent forwarding, and
    ordinary remote->local TCP port forwardings, because it was introduced
    by the preliminary infrastructure in commit 09954a87c.
    
    new_connection() and sk_new() accept a SockAddr *, and take ownership
    of it. So it's a mistake to make an address, connect to it, and then
    sk_addr_free() it: the free will decrement its reference count to
    zero, and then the Socket made by the connection will be holding a
    stale pointer. But that's exactly what I was doing in the version of
    portfwdmgr_connect() that I rewrote in that refactoring. And then I
    made the same error again in commit ae1148267 in the Unix stream-based
    agent forwarding.
    
    Now both fixed. Rather than remove the sk_addr_free() to make the code
    look more like it used to, I've instead solved the problem by adding
    an sk_addr_dup() at the point of making the connection. The idea is
    that that should be more robust, in that it will still do the right
    thing if portfwdmgr_connect_socket should later change so as not to
    call its connect helper function at all.
    
    The new Windows stream-based agent forwarding is unaffected by this
    bug, because it calls new_named_pipe_client() with a pathname in
    string format, without first wrapping it into a SockAddr.

 portfwd.c       | 5 +++--
 unix/uxagentc.c | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

commit 02d0990bd576a7cb5a816684cea5387f4fc46c01
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=02d0990bd576a7cb5a816684cea5387f4fc46c01;hp=12aa06ccc98cf8a912eb2ea54f02d234f2f8c173
Author: Simon Tatham <anakin at pobox.com>
Date:   Tue Jan 14 19:53:06 2020 +0000

    cgtest: default to deleting temporary key files.
    
    This stops cgtest from leaving detritus all over my git checkout.
    There's a --keep option to revert to the previous behaviour, just in
    case I actually want the detritus on some occasion - although in that
    situation I might also need to arrange that the various intermediate
    files all go by different names, because otherwise there's a good
    chance that the one I cared about would already have been overwritten.

 cmdgen.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

More information about the tartarus-commits mailing list