simon-git: putty (master): Simon Tatham

Commits to Tartarus hosted VCS tartarus-commits at lists.tartarus.org
Tue Feb 13 19:44:36 GMT 2018 

TL;DR:
  3447047 Don't grow logevent buf indefinitely

Repository:     https://git.tartarus.org/simon/putty.git
On the web:     https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2018-02-13 19:44:36

commit 3447047594249fbd0db517b1927b1d59657b2963
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=3447047594249fbd0db517b1927b1d59657b2963;hp=b26bd60df9d172f0ee9f83ee3c1ce42709cb33ee
Author: Nico Williams <nico at cryptonector.com>
Date:   Mon Jul 22 19:09:04 2013 -0400

    Don't grow logevent buf indefinitely
    
    The PuTTY GUIs (Unix and Windows) maintain an in-memory event log
    for display to users as they request.  This uses ints for tracking
    eventlog size, which is subject to memory exhaustion and (given
    enough heap space) overflow attacks by servers (via, e.g., constant
    rekeying).
    
    Also a bounded log is more user-friendly.  It is rare to want more
    than the initial logging and the logging from a few recent rekey
    events.
    
    The Windows fix has been tested using Dr. Memory as a valgrind
    substitute.  No errors corresponding to the affected code showed up.
    The Dr. Memory results.txt was split into a file per-error and then
    
        grep Error $(grep -l windlg *)|cut -d: -f3-|sort |uniq -c
    
    was used to compare.  Differences arose from different usage of the GUI,
    but no error could be traced to the code modified in this commit.
    
    The Unix fix has been tested using valgrind.  We don't destroy the
    eventlog_stuff eventlog arrays, so we can't be entirely sure that we
    don't leak more than we did before, but from code inspection it looks
    like we don't (and anyways, if we leaked as much as before, just without
    the integer overflow, well, that's still an improvement).

 unix/gtkdlg.c    | 71 +++++++++++++++++++++++++++++++++++++++++++-------------
 windows/windlg.c | 59 ++++++++++++++++++++++++++++++++--------------
 2 files changed, 97 insertions(+), 33 deletions(-)

More information about the tartarus-commits mailing list