simon-git: putty (pre-0.77): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sat Jan 29 18:31:44 GMT 2022
TL;DR:
1f6fa876 do_bidi: remove a pointless assert.
7582ce3c proxy_socks5_free: fix inadequate smemclr.
af6a19e9 sshproxy.c: add missing NULL check.
6344e40e cmdline.c: free cmdline_password whenever it's reset.
6d775410 bidi_test: minor memory fixes.
d78d14f9 HTTP proxy: fix nonsense HTTP version check.
b7a9cdd6 term_get_userpass_input: missing NULL check.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: pre-0.77
Committer: Simon Tatham <anakin at pobox.com>
Date: 2022-01-29 18:31:44
commit 1f6fa876e3be4eb9753319bee5d17624f8400452
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=1f6fa876e3be4eb9753319bee5d17624f8400452;hp=ca62d67699e1c87611a612a107c9a9936acd48bb
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 29 17:58:33 2022 +0000
do_bidi: remove a pointless assert.
When the textlen parameter became a size_t, it became unsigned, so it
stopped being useful to assert() its non-negativity.
Spotted by Coverity. Harmless, but ordinary compilers have been known
to emit annoying warnings about that kind of thing too, so it's worth
fixing just to avoid noise.
terminal/bidi.c | 1 -
1 file changed, 1 deletion(-)
commit 7582ce3cd668da1d0546271c095e9d97790fc37a
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=7582ce3cd668da1d0546271c095e9d97790fc37a;hp=1f6fa876e3be4eb9753319bee5d17624f8400452
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 29 18:00:13 2022 +0000
proxy_socks5_free: fix inadequate smemclr.
Thanks to Coverity for pointing out that I'd only cleared
sizeof(pointer) amount of the struct, not sizeof(the whole thing).
proxy/socks5.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit af6a19e962c13cb61851b53f2d3c34b0b2a631ca
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=af6a19e962c13cb61851b53f2d3c34b0b2a631ca;hp=7582ce3cd668da1d0546271c095e9d97790fc37a
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 29 18:03:33 2022 +0000
sshproxy.c: add missing NULL check.
If you try to use a saved session for SSH proxying which specifies a
protocol that is not SSH or bare-SSH-connection, you get a clean error
return from the proxy setup code - *provided* it's at least a protocol
known to this particular build of PuTTY. If it's one so outlandish
that backend_vt_from_proto returns NULL, there'd have been a crash.
I don't think any such protocol currently exists, but if in the next
version of PuTTY some additional protocol becomes supported, it will
trip this error in the current version.
Spotted by Coverity.
proxy/sshproxy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 6344e40e3f7524aa3479953b4e58daae349879de
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=6344e40e3f7524aa3479953b4e58daae349879de;hp=af6a19e962c13cb61851b53f2d3c34b0b2a631ca
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 29 18:05:00 2022 +0000
cmdline.c: free cmdline_password whenever it's reset.
If you provided two -pw or -pwfile arguments on the same command line,
the first password could be left in memory uncleared. Spotted by
Coverity.
cmdline.c | 10 ++++++++++
1 file changed, 10 insertions(+)
commit 6d77541080f463b1c4743e834e41f31169fdf60a
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=6d77541080f463b1c4743e834e41f31169fdf60a;hp=6344e40e3f7524aa3479953b4e58daae349879de
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 29 18:11:06 2022 +0000
bidi_test: minor memory fixes.
Spotted by Coverity: if you _just_ gave a filename to bidi_test,
without any previous argument that set testfn to something other than
NULL, the program would crash rather than giving an error message.
(It's only a test program, but test programs you only run once in a
blue moon are the ones that _most_ need to explain their command-line
syntax to you carefully, because you've forgotten it since last time
you used them!)
Also, conditionalised a memcpy on the size not being 0, because it's
illegal to pass a null pointer to memcpy _even_ if size==0. (That
would only happen with a test case containing a zero-length string,
but whatever.)
terminal/bidi_test.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
commit d78d14f917d11deb9418fbd96a1ee05c1315c234
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=d78d14f917d11deb9418fbd96a1ee05c1315c234;hp=6d77541080f463b1c4743e834e41f31169fdf60a
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 29 18:19:58 2022 +0000
HTTP proxy: fix nonsense HTTP version check.
Substitution of && for || would have caused us to accept HTTP/1.0 when
we meant to reject it. Thanks Coverity!
proxy/http.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit b7a9cdd6ee059a27821ae2e193c5881ec4d215da
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=b7a9cdd6ee059a27821ae2e193c5881ec4d215da;hp=d78d14f917d11deb9418fbd96a1ee05c1315c234
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 29 18:22:31 2022 +0000
term_get_userpass_input: missing NULL check.
If term_get_userpass_input is called with term->ldisc not yet set up,
then we had a special-case handler that returns an error message - but
it does it via the same subroutine that returns normal results, which
also turns off the prompt callback in term->ldisc! Need an extra NULL
check in that subroutine. Thanks Coverity.
terminal/terminal.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
More information about the tartarus-commits
mailing list