[hotssh] gssh: Aovid potential use-after-free
- From: Colin Walters <walters src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [hotssh] gssh: Aovid potential use-after-free
- Date: Tue, 26 Nov 2013 14:42:22 +0000 (UTC)
commit d2cdf7adb8235fe31d1278b97d12b1c5708433d7
Author: Colin Walters <walters verbum org>
Date: Tue Nov 26 09:24:43 2013 -0500
gssh: Aovid potential use-after-free
If we return an error, the app may unref the object, so we need to
emit state changes, and free any memory just before doing the task
return.
libgssh/gssh-connection.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
---
diff --git a/libgssh/gssh-connection.c b/libgssh/gssh-connection.c
index 518872c..d74e84b 100644
--- a/libgssh/gssh-connection.c
+++ b/libgssh/gssh-connection.c
@@ -459,8 +459,8 @@ gssh_connection_iteration_internal (GSshConnection *self,
}
else if (rc == SSH_AUTH_SUCCESS)
{
- return_task_success_and_clear (&self->negotiate_task);
state_transition (self, GSSH_CONNECTION_STATE_CONNECTED);
+ return_task_success_and_clear (&self->negotiate_task);
goto repeat;
}
else if (rc == SSH_AUTH_ERROR)
@@ -587,15 +587,15 @@ gssh_connection_iteration_internal (GSshConnection *self,
gs_free char *msg = g_strdup_printf ("Failed to authenticate via mechanism '%s'",
gssh_connection_auth_mechanism_to_string
(self->current_authmech));
_gssh_set_error_from_libssh (error, msg, self->session);
- return_task_error_and_clear (&self->auth_task, local_error);
g_clear_pointer (&self->password, g_free);
+ return_task_error_and_clear (&self->auth_task, local_error);
}
else if (rc == SSH_AUTH_DENIED)
{
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PERMISSION_DENIED,
"Authentication failed");
- return_task_error_and_clear (&self->auth_task, local_error);
g_clear_pointer (&self->password, g_free);
+ return_task_error_and_clear (&self->auth_task, local_error);
}
else if (rc == SSH_AUTH_PARTIAL)
{
@@ -605,8 +605,8 @@ gssh_connection_iteration_internal (GSshConnection *self,
}
else
{
- return_task_success_and_clear (&self->auth_task);
state_transition (self, GSSH_CONNECTION_STATE_CONNECTED);
+ return_task_success_and_clear (&self->auth_task);
goto repeat;
}
break;
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]