1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 09:12:24 +00:00

Null out a couple of pointers when they're empty.

ssh->current_user_input_fn was not set to NULL when the ssh structure
was initially set up, which meant that with sufficiently eager
typeahead it could accidentally be called while still full of garbage.
And ssh->connshare is freed in more than one place (by ssh_free and
also by do_ssh_close), but only one of those places nulls it out to
stop the other one trying to free it a second time.
This commit is contained in:
Simon Tatham 2018-05-18 11:41:17 +01:00
parent 9c5e4947f5
commit 7e984e5f9d

5
ssh.c
View File

@ -12409,6 +12409,7 @@ static const char *ssh_init(void *frontend_handle, void **backend_handle,
ssh->user_input_consumer.fn = ssh_process_user_input;
ssh->user_input_consumer.ctx = ssh;
ssh->user_input_consumer.queued = FALSE;
ssh->current_user_input_fn = NULL;
ssh->pending_newkeys = FALSE;
ssh->rekey_reason = NULL;
ssh->rekey_class = RK_INITIAL;
@ -12563,8 +12564,10 @@ static void ssh_free(void *handle)
ssh->channels = NULL;
}
if (ssh->connshare)
if (ssh->connshare) {
sharestate_free(ssh->connshare);
ssh->connshare = NULL;
}
if (ssh->rportfwds) {
while ((pf = delpos234(ssh->rportfwds, 0)) != NULL)