nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity

portfwdmgr_config: null out pointers we're destroying.

Browse Source 
In particular, a report today pointed out that the call to
pfl_terminate(pfr->local) directly from portfwdmgr_config() was then
repeated from inside pfr_free(pfr) which we called four lines later,
leading to a double-free crash. Now we null out pfr->local the first
time, so the call in pfr_free is skipped.

While I'm at it, I've nulled out pfr->remote similarly; that doesn't
cause any crash that I can see, but it's a good habit to get into for
futureproofing.
This commit is contained in:
Simon Tatham 2019-03-25 20:49:04 +00:00
parent 8c710dddc5
commit fe408562fa
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
portfwd.c
View File

@ -959,8 +959,10 @@ void portfwdmgr_config(PortFwdManager *mgr, Conf *conf)
* rejected.
*/
ssh_rportfwd_remove(mgr->cl, pfr->remote);
pfr->remote = NULL;
} else if (pfr->local) {
pfl_terminate(pfr->local);
pfr->local = NULL;
}
delpos234(mgr->forwardings, i);