Bug 2734

Summary:

close() is called twice in confree()

Product:

Portable OpenSSH

Reporter:

balu <bagajjal>

Component:

ssh-keyscan

Assignee:

Assigned to nobody <unassigned-bugs>

Status:

CLOSED FIXED

Severity:

minor

CC:

djm, dtucker

Priority:

Version:

7.5p1

Hardware:

Other

OS:

Other

Bug Depends on:

Bug Blocks:

2698

Attachments:

Description	Flags
ssh-keyscan: Close ssh channel FDs only once	djm: ok+

Description balu 2017-06-30 05:43:13 AEST

close() is called twice in confree()

Current code - 
ssh_packet_close() internally calls the close() again.

confree(int s)

{
        ......
        ......
	close(s);
        ......
        ......
	if (fdcon[s].c_ssh) {

		ssh_packet_close(fdcon[s].c_ssh);
        ......
        ......

}

Fix -

confree(int s)
{
        ......
        ......
	if (fdcon[s].c_ssh) {
		ssh_packet_close(fdcon[s].c_ssh);
		free(fdcon[s].c_ssh);
		fdcon[s].c_ssh = NULL;
	} else
		close(s);
        ......
        ......
}

Comment 1 Darren Tucker 2017-06-30 13:37:37 AEST

Created attachment 3001 [details]
ssh-keyscan: Close ssh channel FDs only once

Comment 2 Darren Tucker 2017-06-30 14:18:07 AEST

Patch applied and will be in 7.6.  Thanks.

Comment 3 Damien Miller 2021-04-23 15:03:56 AEST

closing resolved bugs as of 8.6p1 release