diff --git a/cmdline.c b/cmdline.c index c39c8ad2..9f37f2a0 100644 --- a/cmdline.c +++ b/cmdline.c @@ -585,6 +585,11 @@ int cmdline_process_param(const char *p, char *value, cmdline_error("the -pw option can only be used with the " "SSH protocol"); else { + if (cmdline_password) { + smemclr(cmdline_password, strlen(cmdline_password)); + sfree(cmdline_password); + } + cmdline_password = dupstr(value); /* Assuming that `value' is directly from argv, make a good faith * attempt to trample it, to stop it showing up in `ps' output @@ -608,6 +613,11 @@ int cmdline_process_param(const char *p, char *value, if (!fp) { cmdline_error("unable to open password file '%s'", value); } else { + if (cmdline_password) { + smemclr(cmdline_password, strlen(cmdline_password)); + sfree(cmdline_password); + } + cmdline_password = chomp(fgetline(fp)); if (!cmdline_password) { cmdline_error("unable to read a password from file '%s'", diff --git a/proxy/http.c b/proxy/http.c index f788e52c..081fefb6 100644 --- a/proxy/http.c +++ b/proxy/http.c @@ -479,7 +479,7 @@ static void proxy_http_process_queue(ProxyNegotiator *pn) crStopV; } - if (maj_ver < 1 && (maj_ver == 1 && min_ver < 1)) { + if (maj_ver < 1 || (maj_ver == 1 && min_ver < 1)) { /* Before HTTP/1.1, connections close by default */ s->connection_close = true; } diff --git a/proxy/socks5.c b/proxy/socks5.c index 66797440..87a0bbc8 100644 --- a/proxy/socks5.c +++ b/proxy/socks5.c @@ -70,7 +70,7 @@ static void proxy_socks5_free(ProxyNegotiator *pn) strbuf_free(s->password); if (s->prompts) free_prompts(s->prompts); - smemclr(s, sizeof(s)); + smemclr(s, sizeof(*s)); sfree(s); } diff --git a/proxy/sshproxy.c b/proxy/sshproxy.c index ee2bee6e..4f240d50 100644 --- a/proxy/sshproxy.c +++ b/proxy/sshproxy.c @@ -592,7 +592,7 @@ Socket *sshproxy_new_connection(SockAddr *addr, const char *hostname, * our check is for whether the backend sets the flag promising * that it does. */ - if (!(backvt->flags & BACKEND_SUPPORTS_NC_HOST)) { + if (!backvt || !(backvt->flags & BACKEND_SUPPORTS_NC_HOST)) { sp->errmsg = dupprintf("saved session '%s' is not an SSH session", proxy_hostname); return &sp->sock; diff --git a/terminal/bidi.c b/terminal/bidi.c index c8085ca4..a56570fd 100644 --- a/terminal/bidi.c +++ b/terminal/bidi.c @@ -3602,7 +3602,6 @@ void do_bidi(BidiContext *ctx, bidi_char *text, size_t textlen) #ifdef REMOVE_FORMATTING_CHARACTERS abort(); /* can't use the standard algorithm in a live terminal */ #else - assert(textlen >= 0); do_bidi_new(ctx, text, textlen); #endif } diff --git a/terminal/bidi_test.c b/terminal/bidi_test.c index 0b63029f..1acd1d68 100644 --- a/terminal/bidi_test.c +++ b/terminal/bidi_test.c @@ -44,7 +44,8 @@ static void run_test(const char *filename, unsigned lineno, { size_t bcs_orig_len = bcs_len; bidi_char *bcs_orig = snewn(bcs_orig_len, bidi_char); - memcpy(bcs_orig, bcs, bcs_orig_len * sizeof(bidi_char)); + if (bcs_orig_len) + memcpy(bcs_orig, bcs, bcs_orig_len * sizeof(bidi_char)); bcs_len = do_bidi_test(ctx, bcs, bcs_len, override); @@ -335,6 +336,12 @@ int main(int argc, char **argv) } else { const char *filename = arg; + if (!testfn) { + fprintf(stderr, "no mode argument provided before filename " + "'%s'\n", filename); + return 1; + } + if (!strcmp(filename, "-")) { testfn("", stdin); } else { diff --git a/terminal/terminal.c b/terminal/terminal.c index b5d01813..3398cd59 100644 --- a/terminal/terminal.c +++ b/terminal/terminal.c @@ -7677,7 +7677,8 @@ static inline SeatPromptResult signal_prompts_t(Terminal *term, prompts_t *p, { assert(p->callback && "Asynchronous userpass input requires a callback"); queue_toplevel_callback(p->callback, p->callback_ctx); - ldisc_enable_prompt_callback(term->ldisc, NULL); + if (term->ldisc) + ldisc_enable_prompt_callback(term->ldisc, NULL); p->spr = spr; return spr; }