simon-git: putty (master): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Fri Nov 23 19:22:16 GMT 2018
TL;DR:
85770b20 Add missing expire_timer_context in ssh2_transport_free.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer: Simon Tatham <anakin at pobox.com>
Date: 2018-11-23 19:22:16
commit 85770b203681247be68db0ce59fde94dbede4062
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=85770b203681247be68db0ce59fde94dbede4062;hp=6de69d001f53f02278d9e30663157b5b16da9fe8
Author: Simon Tatham <anakin at pobox.com>
Date: Fri Nov 23 19:21:01 2018 +0000
Add missing expire_timer_context in ssh2_transport_free.
This should have been moved over from the main ssh_free function back
when I did the original splitting-up of ssh.c: the transport layer
schedules a timer for rekeying (and also for GSSAPI credential
checks), so when it's freed, it needs to ensure the timer doesn't get
called anyway on a stale pointer.
Two users reported this in the form of an assertion failure in
conf_get_int (when ssh2_transport_timer asks for CONF_ssh_rekey_time,
if the tree234 call inside conf_get_int is confused by the contents of
the freed memory into returning failure). In other circumstances (if
the freed memory has different contents) it manifests as a segfault,
but it's the same underlying bug either way.
ssh2transport.c | 2 ++
1 file changed, 2 insertions(+)
More information about the tartarus-commits
mailing list