generic-library/ssh2
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

session_free: wrong variable used for keeping state

Browse Source 
If libssh2_session_free is called without the channel being freed
previously by libssh2_channel_free a memory leak could occur.

A mismatch of states variables in session_free() prevent the call to
libssh2_channel_free function. session->state member is used instead of
session->free_state.

It causes a leak of around 600 bytes on every connection on my systems
(Linux, x64 and PPC).

(Debugging done under contract for Accedian Networks)

Fixes #246
This commit is contained in:
Maxime Larocque 2012-07-25 01:08:03 +02:00 committed by Daniel Stenberg
parent 112845df0b
commit 6c27922ac1
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/session.c
View File

@ -834,7 +834,7 @@ session_free(LIBSSH2_SESSION *session)
_libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Freeing session resource",
session->remote.banner);
session->state = libssh2_NB_state_created;
session->free_state = libssh2_NB_state_created;
}
if (session->free_state == libssh2_NB_state_created) {
@ -845,17 +845,17 @@ session_free(LIBSSH2_SESSION *session)
return rc;
}
session->state = libssh2_NB_state_sent;
session->free_state = libssh2_NB_state_sent;
}
if (session->state == libssh2_NB_state_sent) {
if (session->free_state == libssh2_NB_state_sent) {
while ((l = _libssh2_list_first(&session->listeners))) {
rc = _libssh2_channel_forward_cancel(l);
if (rc == LIBSSH2_ERROR_EAGAIN)
return rc;
}
session->state = libssh2_NB_state_sent1;
session->free_state = libssh2_NB_state_sent1;
}
if (session->state & LIBSSH2_STATE_NEWKEYS) {