nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity
27f0140e5c
putty-source/ssh
History
Simon Tatham 27f0140e5c Fix use-after-free on error returns from share_receive. 
Spotted by Coverity. If PuTTY is functioning as a sharing upstream,
and a new downstream mishandles the version string exchange in any way
that provokes an error message from share_receive() (such as failing
to start the greeting with the expected protocol-name string), we were
calling share_disconnect() and then going to crFinish. But
share_disconnect is capable of actually freeing the entire
ssh_sharing_connstate which contains the coroutine state - in which
case, crFinish's zeroing out of crLine is a use-after-free.

The usual pattern elsewhere in this code is to exit a coroutine with
an ordinary 'return' when you've destroyed its state structure. Switch
to doing that here.
2023-08-19 10:15:47 +01:00
..
agentf.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
bpp1.c New Seat callback, seat_sent(). 2021-06-27 13:52:48 +01:00
bpp2.c Implement AES-GCM using the @openssh.com protocol IDs. 2022-08-16 20:33:58 +01:00
bpp-bare.c New Seat callback, seat_sent(). 2021-06-27 13:52:48 +01:00
bpp.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
ca-config.c Documentation for OpenSSH certificates. 2022-08-07 18:44:11 +01:00
censor1.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
censor2.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
channel.h Formatting: normalise back to 4-space indentation. 2022-08-03 20:48:46 +01:00
CMakeLists.txt Move host CA config box out into its own source file. 2022-05-01 10:16:19 +01:00
common.c Packet protocol layers: new 'final_output' method. 2023-05-04 23:54:01 +01:00
connection1-client.c New Seat query, has_mixed_input_stream(). 2021-11-06 14:48:26 +00:00
connection1-server.c Formatting: normalise back to 4-space indentation. 2022-08-03 20:48:46 +01:00
connection1.c Packet protocol layers: new 'final_output' method. 2023-05-04 23:54:01 +01:00
connection1.h Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
connection2-client.c New Seat query, has_mixed_input_stream(). 2021-11-06 14:48:26 +00:00
connection2-server.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
connection2.c Packet protocol layers: new 'final_output' method. 2023-05-04 23:54:01 +01:00
connection2.h Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
crc-attack-detector.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
gss.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
gssc.c GSSAPI fix: don't pass GSS_C_NO_NAME to inquire_cred_by_mech. 2022-09-17 07:55:08 +01:00
gssc.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
kex2-client.c GSSAPI kex: don't call dh_is_gex() on ECDH algorithms. 2022-09-13 20:53:03 +01:00
kex2-server.c Refactor ecdh_kex into an organised vtable. 2022-04-15 17:46:06 +01:00
login1-server.c Packet protocol layers: new 'final_output' method. 2023-05-04 23:54:01 +01:00
login1.c Packet protocol layers: new 'final_output' method. 2023-05-04 23:54:01 +01:00
mainchan.c Formatting: realign run-on parenthesised stuff. 2022-08-03 20:48:46 +01:00
nogss.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
nosharing.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
pgssapi.c Unix GSSAPI: support static linking against Heimdal. 2022-09-17 07:55:08 +01:00
pgssapi.h Formatting: remove spurious spaces in 'type * var'. 2022-08-03 20:48:46 +01:00
portfwd.c Formatting: miscellaneous. 2022-08-03 20:48:46 +01:00
ppl.h Packet protocol layers: new 'final_output' method. 2023-05-04 23:54:01 +01:00
scpserver.c Generalise strbuf_catf() into put_fmt(). 2021-11-19 11:32:47 +00:00
server.c Centralise most details of host-key prompting. 2022-07-07 18:05:32 +01:00
server.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
sesschan.c Add some missing casts in ctype functions. 2023-04-19 14:28:36 +01:00
sftp.c Add a batch of missing 'static's. 2022-09-03 12:02:48 +01:00
sftp.h Fix a batch of typos in comments and docs. 2022-01-03 06:40:51 +00:00
sftpcommon.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
sftpserver.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
sharing.c Fix use-after-free on error returns from share_receive. 2023-08-19 10:15:47 +01:00
signal-list.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
ssh.c Fix segfault if SSH connection terminates very early. 2023-05-04 23:54:22 +01:00
transient-hostkey-cache.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
transport2.c Packet protocol layers: new 'final_output' method. 2023-05-04 23:54:01 +01:00
transport2.h Make rekeys work when KEXINIT filtering is enabled. 2022-09-10 10:15:27 +01:00
ttymode-list.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
userauth2-client.c Work around key algorithm naming change in OpenSSH <= 7.7. 2023-05-05 00:05:28 +01:00
userauth2-server.c Packet protocol layers: new 'final_output' method. 2023-05-04 23:54:01 +01:00
verstring.c Work around key algorithm naming change in OpenSSH <= 7.7. 2023-05-05 00:05:28 +01:00
x11fwd.c Improve time-safety of XDM-AUTHORIZATION-1 validation. 2023-04-19 14:28:36 +01:00
zlib.c Add a batch of missing 'static's. 2022-09-03 12:02:48 +01:00