Control of 'addr' is now handed over to {platform_,}new_connection() and

sk_new() on invocation; these functions become responsible for (eventually) freeing it. The caller must not do anything with 'addr' after it's been passed in. (Ick.) Why: A SOCKS5 crash appears to have been caused by overzealous freeing of a SockAddr (ssh.c:1.257 [r2492]), which for proxied connections is squirreled away long-term (and this can't easily be avoided). It would have been nice to make a copy of the SockAddr, in case the caller has a use for it, but one of the implementations (uxnet.c) hides a "struct addrinfo" in there, and we have no defined way to duplicate those. (None of the current callers _do_ have a further use for the SockAddr.) As far as I can tell, everything _except_ proxying only needs addr for the duration of the call, so sk_addr_free()s immediately. If I'm mistaken, it should at least be easier to find the offending free()... [originally from svn r3383] [r2492 == bdd6633970]
2025-07-01 03:22:48 -05:00 · 2003-08-07 16:04:33 +00:00
parent f110a51d1f
commit 92db92af5a
13 changed files with 34 additions and 17 deletions
--- a/telnet.c
+++ b/telnet.c
@ -710,8 +710,10 @@ static const char *telnet_init(void *frontend_handle, void **backend_handle,
 	sfree(buf);
    }
    addr = name_lookup(host, port, realhost, &telnet->cfg);
-    if ((err = sk_addr_error(addr)) != NULL)
+    if ((err = sk_addr_error(addr)) != NULL) {
+	sk_addr_free(addr);
 	return err;
+    }

    if (port < 0)
 	port = 23;		       /* default telnet port */
@ -731,8 +733,6 @@ static const char *telnet_init(void *frontend_handle, void **backend_handle,
    if ((err = sk_socket_error(telnet->s)) != NULL)
 	return err;

-    sk_addr_free(addr);
-
    /*
     * Initialise option states.
     */