1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 09:12:24 +00:00
Commit Graph

651 Commits

Author SHA1 Message Date
Simon Tatham
808df44e54 Add an assortment of missing consts I've just noticed.
[originally from svn r9972]
2013-07-27 18:35:48 +00:00
Simon Tatham
61e555ec79 Rationalise null pointer checks in both decode_codepage functions, so
that decode_codepage(NULL) and decode_codepage("") both return the
default character set.

[originally from svn r9961]
2013-07-22 07:12:05 +00:00
Simon Tatham
7426b8f215 Completely remove the 'frozen_readable' mechanism from uxnet.c. It
parallels a similar mechanism in winnet.c and came over by copy and
paste, but is pointless in the Unix networking API.

On Windows, if you're using a mechanism such as WSAAsyncSelect which
delivers readability notifications as messages rather than return
values from a system call, you only get notified that a socket is
readable once - it remembers that it's told you, and doesn't tell you
again until after you've done a read. So in the case where we
intentionally stop reading from a socket because our local buffer is
full, and later want to start reading again, we do a read from the
socket with MSG_PEEK set, and that clears Windows's flag and tells it
to start sending us readability notifications again.

On Unix, select() and friends didn't do anything so strange in the
first place, so the whole mechanism is unnecessary.

[originally from svn r9951]
2013-07-21 07:40:36 +00:00
Simon Tatham
77791de4e1 Fix error checking in uxstore.c: add a missing check, and fix a
mis-cut-and-pasted one.

[originally from svn r9950]
2013-07-21 07:40:30 +00:00
Simon Tatham
f1d6fa4712 When I turned fcntls into noncloexecs in r9940, I missed one.
[originally from svn r9949]
[r9940 == b426872219]
2013-07-21 07:40:28 +00:00
Simon Tatham
08d46fca51 Two more memory leak fixes, on error paths I didn't spot in r9919.
[originally from svn r9948]
[r9919 == ea301bdd9b]
2013-07-21 07:40:26 +00:00
Simon Tatham
adf8b3222f Fix leak of 'fname' introduced by the rewrite of write_random_seed in
r9933.

[originally from svn r9945]
[r9933 == 2854ae1f33]
2013-07-20 13:15:16 +00:00
Simon Tatham
3af26af19e Redo a mis-fix of a memory leak in r9919: I added sfree(data)
immediately after conf_deserialise in the Duplicate Session receiver,
whereas I should have put it after the subsequent loop that extracts
the pty argv if any.

[originally from svn r9943]
[r9919 == ea301bdd9b]
2013-07-20 13:15:10 +00:00
Simon Tatham
b426872219 Centralise calls to fcntl into functions that carefully check the
error returns.

[originally from svn r9940]
2013-07-19 18:10:02 +00:00
Simon Tatham
96f3589e16 Add an error check to every setsockopt call in uxnet.c.
[originally from svn r9939]
2013-07-19 17:45:01 +00:00
Simon Tatham
407fd7b9ab Better error reporting when failing to save a session.
[originally from svn r9937]
2013-07-19 17:44:53 +00:00
Simon Tatham
13bac5ed69 Add some missing calls to cleanup_exit.
[originally from svn r9936]
2013-07-19 17:44:47 +00:00
Simon Tatham
b4adf61bc7 Report errors in store_host_key too.
[originally from svn r9934]
2013-07-19 17:44:38 +00:00
Simon Tatham
2854ae1f33 Add proper error reports in write_random_seed, via the new 'nonfatal'
error reporting function.

[originally from svn r9933]
2013-07-19 17:44:33 +00:00
Simon Tatham
acf38797eb Add a nonfatal() function everywhere, to be used for reporting things
that the user really ought to know but that are not actually fatal to
continued operation of PuTTY or a single network connection.

[originally from svn r9932]
2013-07-19 17:44:28 +00:00
Simon Tatham
1d21346d4c Add a missing error check in pterm's child-process setup. Shouldn't
really fail, but might as well be careful.

[originally from svn r9931]
2013-07-19 17:44:22 +00:00
Simon Tatham
ea301bdd9b Fix another giant batch of resource leaks. (Mostly memory, but there's
one missing fclose too.)

[originally from svn r9919]
2013-07-14 10:46:07 +00:00
Simon Tatham
896bb7c74d Tighten up a lot of casts from unsigned to int which are read by one
of the GET_32BIT macros and then used as length fields. Missing bounds
checks against zero have been added, and also I've introduced a helper
function toint() which casts from unsigned to int in such a way as to
avoid C undefined behaviour, since I'm not sure I trust compilers any
more to do the obviously sensible thing.

[originally from svn r9918]
2013-07-14 10:45:54 +00:00
Simon Tatham
1662a2f6cf Fix an always-false if statement which was causing the window border
not to be redrawn when the user reconfigured the background colour.

[originally from svn r9917]
2013-07-14 10:45:48 +00:00
Simon Tatham
3d69dd2071 Add missing checks in update_for_intended_size() in the font selector
code, which would have coped badly if ever asked to select the first
font in the list at a size smaller than it supported. Luckily the
first font tended to be one of the X numeric aliases (e.g. 10x20)
which was stored with size zero, so this probably didn't actually come
up for anyone, but better safe than sorry.

[originally from svn r9910]
2013-07-11 17:24:28 +00:00
Simon Tatham
5a04ae3420 Fix a pty-freeing error which caused a segfault if you attempted to
use Restart Session in a post-not-close-on-exit pterm.

[originally from svn r9909]
2013-07-11 17:24:23 +00:00
Simon Tatham
1f3901a3a2 Add some missing null checks for inst->ldisc, which were causing
segfaults if a PuTTY or pterm did not close on exit and then you
either typed something via input_method_commit_event or changed the
line editing or echo settings.

[originally from svn r9908]
2013-07-11 17:24:20 +00:00
Simon Tatham
916cd3f0cd Remove another pointless null check, this time of inst->back in the
function which has just dereferenced it to get the exit code.

[originally from svn r9907]
2013-07-11 17:24:14 +00:00
Simon Tatham
bbc9709b48 A collection of small bug fixes from Chris West, apparently spotted by
Coverity: assorted language-use goofs like freeing the wrong thing or
forgetting to initialise a string on all code paths.

[originally from svn r9889]
2013-07-01 17:56:33 +00:00
Simon Tatham
c5876a8ba2 Fallback for manual setup of GTK 1, if autoconf is run on a system
where the GTK1 detection function AM_PATH_GTK hasn't been provided by
/usr/share/aclocal/gtk.m4 or equivalent.

(Systems without gtk.m4 are becoming more common, but on the other
hand I know at least one person is still using GTK 1 PuTTY since the
0.62 release.)

[originally from svn r9868]
2013-06-15 19:58:10 +00:00
Simon Tatham
15f1bc7cdb It's probably well past time for this: change PuTTY's default
character set configuration to UTF-8, on both Windows and Unix, and
reorganise the dropdown lists in the Translation menu so that UTF-8
appears at the top (and Unix's odd "use font encoding" is relegated to
the bottom of the list like the special-purpose oddity it is).

[originally from svn r9843]
2013-05-25 14:03:19 +00:00
Simon Tatham
a9eb51b7d4 Remove the half-hearted attempt to make the utmp helper process drop
privileges just before dying of a fatal signal. I'm not sure what I
intended it for in the first place; it certainly isn't doing its job
properly (no setgid), it's causing compiler warnings due to not
checking the setuid return code, and we can't think of any useful
purpose for it.

[originally from svn r9766]
2013-02-24 19:28:13 +00:00
Simon Tatham
74bc2635ad Don't forget to check the return values of setuid and friends.
[originally from svn r9764]
2013-02-23 21:00:29 +00:00
Simon Tatham
896f9f2256 Reorganise setup_fonts_ucs so that in case of error it does nothing
and returns its error message as a string, instead of actually
printing it on standard error and exiting. Now we can preserve the
previous error behaviour when we get a nonexistent font name at
startup time, but no longer rudely terminate in mid-session if the
user configures a bogus font name in Change Settings.

[originally from svn r9745]
2013-01-13 21:59:10 +00:00
Simon Tatham
9a7dd918da Switch round a bogus if statement I've just noticed. Both the write to
pty_utmp_helper_pipe _and_ the close of it if we're not going to write
should be conditionalised on the pipe existing, rather than just the
former!

[originally from svn r9729]
2012-12-18 09:19:04 +00:00
Simon Tatham
7c22b1d755 Patch from Brad Smith to use posix_openpt() instead of
open("/dev/ptmx"), where the former is available. Improves
portability, since at least one OS (OpenBSD) supports the POSIX pty
functions but does it via an underlying mechanism which doesn't
involving having a /dev/ptmx.

[originally from svn r9728]
2012-12-18 09:02:38 +00:00
Simon Tatham
25c45bf043 Use O_NOCTTY (if available) when opening /dev/ptmx, just in case any
OS doesn't automatically assume it.

(It would seem faintly weird to me - surely opening the master end of
a given pty is a fairly good indication that you're _not_ a process
running inside it which wants to have it available as /dev/tty! But
you never know...)

[originally from svn r9727]
2012-12-18 09:02:38 +00:00
Simon Tatham
58870f60e4 If you configure Unix PuTTY to use a proxy, tell it to even proxy
localhost connections, and also enable X forwarding in such a way that
it will attempt to connect to a Unix-domain X server socket, an
assertion will fail when proxy_for_destination() tries to call
sk_getaddr(). Fix by ensuring that Unix-domain sockets are _never_
proxied, since they fundamentally can't be.

[originally from svn r9688]
2012-10-16 20:15:51 +00:00
Simon Tatham
5db48dcddb Make --help and --version work consistently across all tools.
Well, at least across all command-line tools on both Windows and Unix,
and the GTK apps on Unix too. The Windows GUI apps fundamentally can't
write to standard output and it doesn't seem sensible to use message
boxes for these purposes :-)

[originally from svn r9673]
2012-09-19 17:08:15 +00:00
Ben Harris
d5836982e2 Two related changes to timing code:
First, make absolute times unsigned.  This means that it's safe to 
depend on their overflow behaviour (which is undefined for signed 
integers).  This requires a little extra care in handling comparisons, 
but I think I've correctly adjusted them all.

Second, functions registered with schedule_timer() are guaranteed to be 
called with precisely the time that was returned by schedule_timer().  
Thus, it's only necessary to check these values for equality rather than 
doing risky range checks, so do that.

The timing code still does lots that's undefined, unnecessary, or just
wrong, but this is a good start.

[originally from svn r9667]
2012-09-18 21:42:48 +00:00
Ben Harris
3fad1f402b Improve window-size handling in Unix Plink.
Unconditionally override the configured terminal size with the one
from stdin if it's available.  This avoids the silliness whereby if
Default Settings had a terminal size set, Plink used this and thus
caused the server to use the wrong size.

[originally from svn r9624]
2012-08-25 22:57:39 +00:00
Simon Tatham
aa5bae8916 Introduce a new utility function smemclr(), which memsets things to
zero but does it in such a way that over-clever compilers hopefully
won't helpfully optimise the call away if you do it just before
freeing something or letting it go out of scope. Use this for
(hopefully) every memset whose job is to destroy sensitive data that
might otherwise be left lying around in the process's memory.

[originally from svn r9586]
2012-07-22 19:51:50 +00:00
Simon Tatham
3d3052f680 Add '-Wall -Werror' to the compile options in the autotools makefile,
having just noticed that Makefile.gtk had it and this one doesn't. (Of
course, this being autoconf, we can easily enough make it conditional
on the compiler actually being gcc.)

[originally from svn r9583]
2012-07-19 04:42:34 +00:00
Simon Tatham
75239b955b If pterm's execvp fails when given the whole argument list after -e,
and the argument list contains only one string, try again by passing
that single string to "$SHELL -c" to be parsed as a shell command.
This matches xterm's behaviour (as of xterm 261, at least), and means
in practice that users can do _either_ of 'pterm -e some command' and
'pterm -e "some command"'.

(A quick survey suggests that the majority of X terminal programs agree
with pterm's old behaviour of only supporting '-e some command',
except that gnome-terminal only supports the other behaviour and xterm
supports both. With that disagreement, I think supporting both is
probably the sensible thing.)

[originally from svn r9575]
2012-07-11 18:12:17 +00:00
Simon Tatham
a3f74661c8 Turns out that the compose-keys fix in r9567 did in fact break one
piece of keyboard handling: if Num Lock is on, numeric keypad keys are
eaten by the IM, so we must avoid passing them to the IM in the first
place if we're in any non-default numeric keypad mode (application or
Nethack).

This is a grubby way to do it, but the more obvious approach of just
moving the Nethack and app-keypad if statements up to above the IM
call doesn't work because those statements depend on the generic
Alt-prefix handling that happens just _below_ the IM call. So instead
I just repeat the list of keystrokes and modes in an if statement
conditionalising the IM call.

[originally from svn r9573]
[r9567 == 7fc8db15b2]
2012-07-05 23:45:20 +00:00
Simon Tatham
d0ac277f78 Stop including <gtk/gtkcontainer.h> directly, since a user points out
that it'll be absent in GTK 3.

[originally from svn r9571]
2012-07-01 16:55:36 +00:00
Simon Tatham
72640ff615 Add the missing code to treat data coming from the input method as
keypresses for purposes of hiding the mouse pointer and resetting the
scrollback.

[originally from svn r9568]
2012-06-18 18:10:59 +00:00
Simon Tatham
7fc8db15b2 Support for dead keys and compose sequences on Unix, by instantiating
a GtkIMMulticontext and having that filter most keypresses. I think
I've got this right so that it doesn't break any previous deliberate
keyboard-handling behaviour that's now _after_ the 'if (filter
keypress) return' statement.

[originally from svn r9567]
2012-06-17 07:26:23 +00:00
Simon Tatham
bc6e0952ef Introduce a third setting for the 'bold as colour' mode, which lets
you both brighten the colour _and_ bold the font at the same time.
(Fixes 'bold-font-colour' and Debian #193352.)

[originally from svn r9559]
2012-06-09 15:09:22 +00:00
Simon Tatham
29184e3702 Fix bug in the new CLOCK_MONOTONIC implementation. I was treating the
nanoseconds field as a microseconds field, with hilarious consequences.

[originally from svn r9535]
2012-05-15 22:19:21 +00:00
Simon Tatham
0395e52bb8 Use clock_gettime(CLOCK_MONOTONIC) as the Unix getticks(), if it's
available.

[originally from svn r9529]
2012-05-13 15:59:27 +00:00
Simon Tatham
aba05b7180 Patch from Robert de Bath to substantially simplify timing.c.
The previous platform-dependent ifdefs, switching between a system
which tried to cope with spurious callbacks (which I'd observed on
Windows) and one which tried to cope with system clock jumps (which
can happen on Unix, if you use gettimeofday) have been completely
removed, and replaced with a much simpler approach which just copes
with system clock jumps by triggering any timers immediately.

None of the resulting effects should be catastrophic (the worst thing
might be the waste of CPU in a spurious rekey, but as long as the
system clock isn't jumping around _all_ the time that's hardly
critical) and in any case the Unix port has had a long-standing oddity
involving occasional lockups if pterm or PuTTY runs for too long,
which hopefully this should replace with a much less bad failure mode.
And the code is much simpler, which is not to be sneezed at.

[originally from svn r9528]
2012-05-13 15:59:26 +00:00
Simon Tatham
bb1d656dd4 Bug fix from Robert de Bath: if the utf8_override setting is changed
in mid-session, it affects translation and hence display, so it should
be listed among the settings that require a redraw.

[originally from svn r9466]
2012-04-22 14:22:08 +00:00
Simon Tatham
b81b04f9b2 Bug fix from Robert de Bath: if wc_to_mb returns a length of zero, it
will not even initialise sbstring[0], so we shouldn't even look at it
let alone depend on it to tell us the desired character was absent.

[originally from svn r9465]
2012-04-22 14:22:08 +00:00
Simon Tatham
f030975da7 Conditionalise the calls to premsg and postmsg in uxcons.c's
logevent(), which temporarily turn off the raw mode we've put stderr
into, so that they don't get called if the log_eventlog() call between
them is not _actually_ going to write to stderr.

Fixes a bug in which, if you define a Unix PuTTY saved session which
uses 'plink -nc' as a local proxy command and then run PuTTY
backgrounded from the shell with that session loaded, the subprocess
Plink would get SIGTTOU when it tried to muck about with stderr and
the whole thing would grind to a halt. I'm prepared to consider that
acceptable if Plink _really_ wants to write on standard error, but if
it doesn't, it should just carry on working in the background!

[originally from svn r9462]
2012-04-18 06:36:46 +00:00