simon-git: putty (pre-0.77): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Wed May 4 12:59:25 BST 2022
TL;DR:
03e71efc Fix linked-list mismanagement in global request queue.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: pre-0.77
Committer: Simon Tatham <anakin at pobox.com>
Date: 2022-05-04 12:59:25
commit 03e71efcc513c9f13eb25b693b011b43f1f4a2d3
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=03e71efcc513c9f13eb25b693b011b43f1f4a2d3;hp=1088080cddc952bbf4d8eb1788565550fdf5fe4b
Author: Simon Tatham <anakin at pobox.com>
Date: Wed May 4 12:46:06 2022 +0100
Fix linked-list mismanagement in global request queue.
When we linked a new entry on to the global request queue, we forgot
to set its next pointer to NULL, so that when it was removed again,
s->globreq_head could end up pointing to nonsense.
In addition, even if the next pointer happened to be NULL by luck, we
also did not notice that s->globreq_head had become NULL and respond
by nulling out s->globreq_tail, which would leave s->globreq_tail as a
stale pointer to the just-freed list element, causing a memory access
error on the next attempt to link something on to the list.
This could come up in the situation where you open Change Settings and
configure a remote port forwarding, close it (so that the global
request is sent, queued, replied to, and unqueued again), and then
reopen Change Settings and configure a second one (so that the linked
list in the confused state actually gets used).
ssh/connection2.c | 3 +++
1 file changed, 3 insertions(+)
More information about the tartarus-commits
mailing list