2734 – close() is called twice in confree()

Bug 2734 - close() is called twice in confree()

Summary: close() is called twice in confree()

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh-keyscan (show other bugs)
Version:	7.5p1
Hardware:	Other Other

Importance:	P5 minor
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:	V_7_6
	Show dependency tree / graph

Reported:	2017-06-30 05:43 AEST by balu
Modified:	2021-04-23 15:03 AEST (History)
CC List:	2 users (show)

See Also:

Attachments
ssh-keyscan: Close ssh channel FDs only once (588 bytes, patch) 2017-06-30 13:37 AEST, Darren Tucker	djm: ok+	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description balu 2017-06-30 05:43:13 AEST

close() is called twice in confree()

Current code - 
ssh_packet_close() internally calls the close() again.

confree(int s)

{
        ......
        ......
	close(s);
        ......
        ......
	if (fdcon[s].c_ssh) {

		ssh_packet_close(fdcon[s].c_ssh);
        ......
        ......

}

Fix -

confree(int s)
{
        ......
        ......
	if (fdcon[s].c_ssh) {
		ssh_packet_close(fdcon[s].c_ssh);
		free(fdcon[s].c_ssh);
		fdcon[s].c_ssh = NULL;
	} else
		close(s);
        ......
        ......
}

Comment 1 Darren Tucker 2017-06-30 13:37:37 AEST

Created attachment 3001 [details]
ssh-keyscan: Close ssh channel FDs only once

Comment 2 Darren Tucker 2017-06-30 14:18:07 AEST

Patch applied and will be in 7.6.  Thanks.

Comment 3 Damien Miller 2021-04-23 15:03:56 AEST

closing resolved bugs as of 8.6p1 release