nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00
Code Issues Projects Releases Wiki Activity
3447047594
putty-source/unix
History
Nico Williams 3447047594 Don't grow logevent buf indefinitely 
The PuTTY GUIs (Unix and Windows) maintain an in-memory event log
for display to users as they request.  This uses ints for tracking
eventlog size, which is subject to memory exhaustion and (given
enough heap space) overflow attacks by servers (via, e.g., constant
rekeying).

Also a bounded log is more user-friendly.  It is rare to want more
than the initial logging and the logging from a few recent rekey
events.

The Windows fix has been tested using Dr. Memory as a valgrind
substitute.  No errors corresponding to the affected code showed up.
The Dr. Memory results.txt was split into a file per-error and then

    grep Error $(grep -l windlg *)|cut -d: -f3-|sort |uniq -c

was used to compare.  Differences arose from different usage of the GUI,
but no error could be traced to the code modified in this commit.

The Unix fix has been tested using valgrind.  We don't destroy the
eventlog_stuff eventlog arrays, so we can't be entirely sure that we
don't leak more than we did before, but from code inspection it looks
like we don't (and anyways, if we leaked as much as before, just without
the integer overflow, well, that's still an improvement).
2018-02-13 19:28:19 +00:00
..
configure Move the Unix configure script up to the top level. 2014-02-22 18:01:32 +00:00
gtkapp.c Build fixes for GTK2. 2018-01-30 19:22:45 +00:00
gtkask.c Unix buildinfo: stop saying 'GTK' in pure CLI utilities. 2017-02-22 22:10:05 +00:00
gtkcfg.c On OS X, be able to configure either Option or Command as Meta. 2015-09-01 19:12:19 +01:00
gtkcols.c Memory leak: add a columns_finalize() method. 2017-11-26 11:36:00 +00:00
gtkcols.h New Columns method, columns_force_same_height(). 2015-08-24 19:34:23 +01:00
gtkcomm.c Remove the post_main() mechanism. 2017-11-26 20:03:12 +00:00
gtkcompat.h GTK2: Return 2.20 compatibility back 2017-02-23 20:03:01 +00:00
gtkdlg.c Don't grow logevent buf indefinitely 2018-02-13 19:28:19 +00:00
gtkfont.c Handle GTK 3.22's deprecation of gdk_cairo_create(). 2017-02-27 19:58:39 +00:00
gtkfont.h Handle GTK 3.22's deprecation of gdk_cairo_create(). 2017-02-27 19:58:39 +00:00
gtkmain.c Fix assertion failure that prevents pterm starting up. 2017-12-08 19:34:35 +00:00
gtkmisc.c Include the compile-time GTK version in the build info. 2017-02-15 19:32:42 +00:00
gtkmisc.h Move more functions into the new gtkmisc.c. 2015-08-31 15:45:43 +01:00
gtkwin.c Fill in some more of the OS X menu bar. 2017-12-18 11:46:48 +00:00
osxlaunch.c osxlaunch: stop setting DYLD_LIBRARY_PATH. 2017-12-20 10:04:02 +00:00
pterm.bundle OS X makefile: stop depending on JHBUILD_PREFIX. 2017-11-26 11:45:48 +00:00
pterm.plist Create OS X application bundles for PuTTY and pterm. 2016-03-23 22:22:48 +00:00
putty.bundle OS X makefile: stop depending on JHBUILD_PREFIX. 2017-11-26 11:45:48 +00:00
putty.plist Create OS X application bundles for PuTTY and pterm. 2016-03-23 22:22:48 +00:00
unix.h Fill in some more of the OS X menu bar. 2017-12-18 11:46:48 +00:00
ux_x11.c Post-release destabilisation! Completely remove the struct type 2011-07-14 18:52:21 +00:00
uxagentc.c Memory leak: free conn->retbuf in uxagentc.c. 2017-11-26 11:32:34 +00:00
uxcfg.c Post-release destabilisation! Completely remove the struct type 2011-07-14 18:52:21 +00:00
uxcons.c Add some missing checks for EINTR after select(2). 2017-01-06 19:29:06 +00:00
uxgen.c cmdgen: option to specify the random number device to use. 2016-03-30 08:30:40 +01:00
uxgss.c Post-release destabilisation! Completely remove the struct type 2011-07-14 18:52:21 +00:00
uxmisc.c Better file-existence test on Unix. 2018-02-07 07:34:53 +00:00
uxnet.c Fix stale-pointer bugs in connection-fatal network errors. 2017-11-26 19:59:27 +00:00
uxnogtk.c Include the compile-time GTK version in the build info. 2017-02-15 19:32:42 +00:00
uxnoise.c Fix minor file descriptor leaks. Found by cppcheck, reported by Tim Kosse. 2009-09-16 22:28:20 +00:00
uxpeer.c Log identifying information for the other end of connections. 2015-05-18 14:03:10 +01:00
uxpgnt.c Get rid of fatalbox() completely. 2017-11-26 17:43:02 +00:00
uxplink.c Centralise PuTTY and Plink's non-option argument handling. 2017-12-07 20:13:33 +00:00
uxprint.c Update to r8614: another -D_FORTIFY_SOURCE=2 fix. 2010-02-20 11:21:25 +00:00
uxproxy.c unix: make uxsel callback functions return void. 2017-05-14 16:34:48 +01:00
uxpterm.c Centralise PuTTY and Plink's non-option argument handling. 2017-12-07 20:13:33 +00:00
uxpty.c Reinstate the SIGCHLD handler in ptermapp. 2017-11-26 11:42:22 +00:00
uxputty.c Centralise PuTTY and Plink's non-option argument handling. 2017-12-07 20:13:33 +00:00
uxsel.c unix: make select_result() return void. 2017-05-14 16:34:48 +01:00
uxser.c unix: make uxsel callback functions return void. 2017-05-14 16:34:48 +01:00
uxsftp.c Unix buildinfo: stop saying 'GTK' in pure CLI utilities. 2017-02-22 22:10:05 +00:00
uxshare.c Move make_dir_and_check_ours() out into uxmisc.c. 2015-05-05 20:16:22 +01:00
uxsignal.c Rename some of the more stupidly named files in the Unix back end. 2004-12-31 13:02:46 +00:00
uxstore.c Put in some explicit null-pointer checks. 2017-02-14 23:25:25 +00:00
uxucs.c Giant const-correctness patch of doom! 2015-05-15 12:47:44 +01:00
x11misc.c Ignore X11 BadMatch errors during cut buffer setup. 2016-03-20 18:30:03 +00:00
x11misc.h Ignore X11 BadMatch errors during cut buffer setup. 2016-03-20 18:30:03 +00:00
xkeysym.c Support for non-ISO-8859-1 X keysyms. So in particular, pterm in a 2003-04-27 11:10:48 +00:00
xpmptcfg.c Tweak the icon script, and the generated icons, to more closely 2007-01-07 10:17:12 +00:00
xpmpterm.c Tweak the icon script, and the generated icons, to more closely 2007-01-07 10:17:12 +00:00
xpmpucfg.c Tweak the icon script, and the generated icons, to more closely 2007-01-07 10:17:12 +00:00
xpmputty.c Tweak the icon script, and the generated icons, to more closely 2007-01-07 10:17:12 +00:00