nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00
Code Issues Projects Releases Wiki Activity

Fix broken error path on open failure in PROXY_FUZZ.

Browse Source 
We have to use the file name we just failed to open to format an error
message _before_ freeing it, not after. If that use-after-free managed
not to cause a crash, we'd also leak the file descriptor 'outfd'.

Both spotted by Coverity (which is probably the first thing in years
to look seriously at any of the code designed for Ben's AFL exercise).
This commit is contained in:
Simon Tatham 2019-05-04 15:47:33 +01:00
parent c787e62651
commit e82ba498ff
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
unix/uxproxy.c
View File

@ -88,8 +88,11 @@ Socket *platform_new_connection(SockAddr *addr, const char *hostname,
}
infd = open(cmd, O_RDONLY);
if (infd == -1) {
Socket *toret = new_error_socket_fmt(
plug, "%s: %s", cmd, strerror(errno));
sfree(cmd);
return new_error_socket_fmt(plug, "%s: %s", cmd, strerror(errno));
close(outfd);
return toret;
}
sfree(cmd);
inerrfd = -1;