From efc6fc995d894458493699e7e1becdb06edb3f83 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 20 Jun 2012 21:44:56 +1000 Subject: - djm@cvs.openbsd.org 2011/12/02 00:41:56 [mux.c] fix bz#1948: ssh -f doesn't fork for multiplexed connection. ok dtucker@ --- mux.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'mux.c') diff --git a/mux.c b/mux.c index d90605eb4..35108ef8b 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.34 2012/01/07 21:11:36 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.32 2011/12/02 00:41:56 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -95,6 +95,7 @@ extern Buffer command; extern volatile sig_atomic_t quit_pending; extern char *stdio_forward_host; extern int stdio_forward_port; +extern int fork_after_authentication_flag; /* Context for session open confirmation callback */ struct mux_session_confirm_ctx { @@ -1800,6 +1801,8 @@ mux_client_request_session(int fd) if (tty_flag) enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); + if (fork_after_authentication_flag) + daemon(1, 1); /* * Stick around until the controlee closes the client_fd. * Before it does, it is expected to write an exit message. -- cgit v1.2.3 From 140df63e1f07d25dafd64d3d6000dc0fe27edcf1 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 20 Jun 2012 21:46:57 +1000 Subject: - djm@cvs.openbsd.org 2011/12/04 23:16:12 [mux.c] revert: > revision 1.32 > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 > fix bz#1948: ssh -f doesn't fork for multiplexed connection. > ok dtucker@ it interacts badly with ControlPersist --- ChangeLog | 9 ++++++++- mux.c | 5 +---- 2 files changed, 9 insertions(+), 5 deletions(-) (limited to 'mux.c') diff --git a/ChangeLog b/ChangeLog index 67daa5485..76c6e920f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,7 +4,14 @@ [mux.c] fix bz#1948: ssh -f doesn't fork for multiplexed connection. ok dtucker@ - + - djm@cvs.openbsd.org 2011/12/04 23:16:12 + [mux.c] + revert: + > revision 1.32 + > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 + > fix bz#1948: ssh -f doesn't fork for multiplexed connection. + > ok dtucker@ + it interacts badly with ControlPersist 20120519 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch diff --git a/mux.c b/mux.c index 35108ef8b..30b4f6f93 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.32 2011/12/02 00:41:56 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.33 2011/12/04 23:16:12 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -95,7 +95,6 @@ extern Buffer command; extern volatile sig_atomic_t quit_pending; extern char *stdio_forward_host; extern int stdio_forward_port; -extern int fork_after_authentication_flag; /* Context for session open confirmation callback */ struct mux_session_confirm_ctx { @@ -1801,8 +1800,6 @@ mux_client_request_session(int fd) if (tty_flag) enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); - if (fork_after_authentication_flag) - daemon(1, 1); /* * Stick around until the controlee closes the client_fd. * Before it does, it is expected to write an exit message. -- cgit v1.2.3 From ac58ce86e6f4dcb245d5e1aa28a5c7a9f4a56072 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 20 Jun 2012 21:50:47 +1000 Subject: - djm@cvs.openbsd.org 2012/01/07 21:11:36 [mux.c] fix double-free in new session handler NB. Id sync only --- ChangeLog | 4 ++++ mux.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'mux.c') diff --git a/ChangeLog b/ChangeLog index 76c6e920f..419640c2a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -12,6 +12,10 @@ > fix bz#1948: ssh -f doesn't fork for multiplexed connection. > ok dtucker@ it interacts badly with ControlPersist + - djm@cvs.openbsd.org 2012/01/07 21:11:36 + [mux.c] + fix double-free in new session handler + NB. Id sync only 20120519 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch diff --git a/mux.c b/mux.c index 30b4f6f93..d90605eb4 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.33 2011/12/04 23:16:12 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.34 2012/01/07 21:11:36 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * -- cgit v1.2.3 From 2e7decfcc0bd337e90649a62599e3ee8f1321b68 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 20 Jun 2012 21:52:00 +1000 Subject: - djm@cvs.openbsd.org 2012/06/01 01:01:22 [mux.c] fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg AT googlemail.com --- ChangeLog | 4 ++++ mux.c | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'mux.c') diff --git a/ChangeLog b/ChangeLog index cd7b523fc..72a50c729 100644 --- a/ChangeLog +++ b/ChangeLog @@ -24,6 +24,10 @@ [PROTOCOL.mux] correct types of port numbers (integers, not strings); bz#2004 from bert.wesarg AT googlemail.com + - djm@cvs.openbsd.org 2012/06/01 01:01:22 + [mux.c] + fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg + AT googlemail.com 20120519 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch diff --git a/mux.c b/mux.c index d90605eb4..3dd5e262c 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.34 2012/01/07 21:11:36 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.35 2012/06/01 01:01:22 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -1195,6 +1195,7 @@ muxserver_listen(void) close(muxserver_sock); muxserver_sock = -1; } + xfree(orig_control_path); xfree(options.control_path); options.control_path = NULL; options.control_master = SSHCTL_MASTER_NO; @@ -1216,7 +1217,6 @@ muxserver_listen(void) } error("ControlSocket %s already exists, disabling multiplexing", orig_control_path); - xfree(orig_control_path); unlink(options.control_path); goto disable_mux_master; } -- cgit v1.2.3 From ab523b02467f36a2f85c1a8bff6cf2fd4297fb12 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 6 Jul 2012 13:44:43 +1000 Subject: - djm@cvs.openbsd.org 2012/07/06 01:37:21 [mux.c] fix memory leak of passed-in environment variables and connection context when new session message is malformed; bz#2003 from Bert.Wesarg AT googlemail.com --- ChangeLog | 5 +++++ mux.c | 12 +++++++++--- 2 files changed, 14 insertions(+), 3 deletions(-) (limited to 'mux.c') diff --git a/ChangeLog b/ChangeLog index 0d876d2ae..68811e63b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,11 @@ Add options to specify starting line number and number of lines to process when screening moduli candidates. This allows processing of different parts of a candidate moduli file in parallel. man page help jmc@, ok djm@ + - djm@cvs.openbsd.org 2012/07/06 01:37:21 + [mux.c] + fix memory leak of passed-in environment variables and connection + context when new session message is malformed; bz#2003 from Bert.Wesarg + AT googlemail.com 20120704 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for diff --git a/mux.c b/mux.c index 3dd5e262c..5e0e65ff3 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.35 2012/06/01 01:01:22 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.36 2012/07/06 01:37:21 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -316,6 +316,8 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r) cctx->term = NULL; cctx->rid = rid; cmd = reserved = NULL; + cctx->env = NULL; + env_len = 0; if ((reserved = buffer_get_string_ret(m, NULL)) == NULL || buffer_get_int_ret(&cctx->want_tty, m) != 0 || buffer_get_int_ret(&cctx->want_x_fwd, m) != 0 || @@ -329,16 +331,19 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r) xfree(cmd); if (reserved != NULL) xfree(reserved); + for (j = 0; j < env_len; j++) + xfree(cctx->env[j]); + if (env_len > 0) + xfree(cctx->env); if (cctx->term != NULL) xfree(cctx->term); + xfree(cctx); error("%s: malformed message", __func__); return -1; } xfree(reserved); reserved = NULL; - cctx->env = NULL; - env_len = 0; while (buffer_len(m) > 0) { #define MUX_MAX_ENV_VARS 4096 if ((cp = buffer_get_string_ret(m, &len)) == NULL) @@ -413,6 +418,7 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r) xfree(cctx->env); } buffer_free(&cctx->cmd); + xfree(cctx); return 0; } -- cgit v1.2.3