simon-git: putty (master): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sat Mar 2 06:59:12 GMT 2019
TL;DR:
b4ae5af5 add_cc: use sgrowarray when growing the line size.
76bacaab Minor fix to diagnostics under #ifdef TERM_CC_DIAG.
b9f20b84 log_proxy_stderr: limit the length of Event Log lines.
e747e9e5 Use smemclr to wipe defunct bufchain segments.
a7abc7c8 Extra-secure versions of sgrowarray and strbuf.
bde7b6b1 Change sensitive strbufs/sgrowarrays to the new _nm version.
0ceb73fb dupvprintf: fix signedness of return from vsnprintf.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer: Simon Tatham <anakin at pobox.com>
Date: 2019-03-02 06:59:12
commit b4ae5af588ec90ca5f62910d337682e2ece21c71
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=b4ae5af588ec90ca5f62910d337682e2ece21c71;hp=e0a76971ccfac1393033b28eba9a4e5a08d4ae78
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 2 06:35:49 2019 +0000
add_cc: use sgrowarray when growing the line size.
Somehow missed this one in commit e0a76971c.
terminal.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
commit 76bacaabf0b49627b47f7e1137bfb3c44969d089
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=76bacaabf0b49627b47f7e1137bfb3c44969d089;hp=b4ae5af588ec90ca5f62910d337682e2ece21c71
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 2 06:36:44 2019 +0000
Minor fix to diagnostics under #ifdef TERM_CC_DIAG.
I just tried compiling with that for the first time in a while, and it
had slightly bit-rotted due to adoption of strbuf in compressline().
terminal.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit b9f20b84f31aaa5577a314027fe2ae58cc5ddcad
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=b9f20b84f31aaa5577a314027fe2ae58cc5ddcad;hp=76bacaabf0b49627b47f7e1137bfb3c44969d089
Author: Simon Tatham <anakin at pobox.com>
Date: Fri Mar 1 19:18:31 2019 +0000
log_proxy_stderr: limit the length of Event Log lines.
If a proxy command jabbers on standard error in a way that doesn't
involve any newline characters, we now won't keep buffering data for
ever.
(Not that I've heard of it happening, but I noticed the theoretical
possibility on the way past in a recent cleanup pass.)
be_misc.c | 101 ++++++++++++++++++++++++++++++++++++-----------------
network.h | 8 ++++-
unix/uxfdsock.c | 6 ++--
windows/winhsock.c | 9 +++--
4 files changed, 83 insertions(+), 41 deletions(-)
commit e747e9e5291488a48c7096d066659362e2ef40eb
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=e747e9e5291488a48c7096d066659362e2ef40eb;hp=b9f20b84f31aaa5577a314027fe2ae58cc5ddcad
Author: Simon Tatham <anakin at pobox.com>
Date: Fri Mar 1 19:21:46 2019 +0000
Use smemclr to wipe defunct bufchain segments.
A minor precaution against leaving secrets visible in process memory:
bufchains are used all over the place and probably _something_ in one
of them would be better wiped out of RAM.
utils.c | 2 ++
1 file changed, 2 insertions(+)
commit a7abc7c86782c135aa99ad998b156b5c0c3ebed0
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=a7abc7c86782c135aa99ad998b156b5c0c3ebed0;hp=e747e9e5291488a48c7096d066659362e2ef40eb
Author: Simon Tatham <anakin at pobox.com>
Date: Fri Mar 1 19:25:47 2019 +0000
Extra-secure versions of sgrowarray and strbuf.
These versions, distinguished by the _nm suffix on their names, avoid
using realloc to grow the array, in case it moves the block and leaves
a copy of the data in the freed memory at the old address. (The suffix
'nm' stands for 'no moving'.) Instead, the array is grown by making a
new allocation, manually copying the data over, and carefully clearing
the old block before freeing it.
(An alternative would be to give this code base its own custom heap in
which the ordinary realloc takes care about this kind of thing, but I
don't really feel like going to that much effort!)
memory.c | 13 +++++++++++--
misc.h | 14 +++++++++++++-
puttymem.h | 24 ++++++++++++++++++++----
utils.c | 9 +++++++--
4 files changed, 51 insertions(+), 9 deletions(-)
commit bde7b6b158c0f69537fb0b95d2325923b180e3ba
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=bde7b6b158c0f69537fb0b95d2325923b180e3ba;hp=a7abc7c86782c135aa99ad998b156b5c0c3ebed0
Author: Simon Tatham <anakin at pobox.com>
Date: Fri Mar 1 19:28:00 2019 +0000
Change sensitive strbufs/sgrowarrays to the new _nm version.
The _nm strategy is slower, so I don't want to just change everything
over no matter what its contents. In this pass I've tried to catch
everything that holds the _really_ sensitive things like passwords,
private keys and session keys.
import.c | 30 +++++++++++++++---------------
proxy.c | 2 +-
sesschan.c | 2 +-
sftpcommon.c | 2 +-
ssh1login-server.c | 2 +-
ssh1login.c | 4 ++--
ssh2kex-client.c | 2 +-
ssh2transport.c | 12 ++++++------
sshcommon.c | 2 +-
sshecc.c | 4 ++--
sshhmac.c | 2 +-
sshpubk.c | 14 +++++++-------
sshrsa.c | 4 ++--
sshshare.c | 8 ++++----
sshzlib.c | 4 ++--
telnet.c | 2 +-
unix/ux_x11.c | 2 +-
utils.c | 8 ++++----
18 files changed, 53 insertions(+), 53 deletions(-)
commit 0ceb73fb1052345c4a0e20f27c70b078b1b837a6
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=0ceb73fb1052345c4a0e20f27c70b078b1b837a6;hp=bde7b6b158c0f69537fb0b95d2325923b180e3ba
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 2 06:52:00 2019 +0000
dupvprintf: fix signedness of return from vsnprintf.
It's defined in the C standard to return an int, not a size_t, and we
should honour that since the subsequent code checks it for <0.
A knock-on effect is that I reorganise the addends in one of the
sgrowarrays, to be extra careful about overflow when adding something
to that int.
utils.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
More information about the tartarus-commits
mailing list