Re: [PATCH spice-server 02/10] reds: Fix leaks if reds_init_client_ssl_connection fails

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Sep 11, 2017 at 11:47:10AM -0400, Frediano Ziglio wrote:
> > 
> > On Mon, Sep 11, 2017 at 11:15:39AM +0100, Frediano Ziglio wrote:
> > > If a client is able to complete the TLS handshake phase
> > > reds_init_client_ssl_connection leaked some memory
> > > as the stream is not correctly freed.
> > > This also cause the stream to send the SPICE_CHANNEL_EVENT_DISCONNECTED
> > 
> > "causes"
> > 
> > > event. Otherwise only SPICE_CHANNEL_EVENT_CONNECTED was sent.
> > > 
> > > Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx>
> > > ---
> > >  server/reds.c | 5 ++++-
> > >  1 file changed, 4 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/server/reds.c b/server/reds.c
> > > index 24ec2bdde..5da716fc2 100644
> > > --- a/server/reds.c
> > > +++ b/server/reds.c
> > > @@ -2503,7 +2503,10 @@ static RedLinkInfo
> > > *reds_init_client_ssl_connection(RedsState *reds, int socket)
> > >      return link;
> > >  
> > >  error:
> > > -    free(link->stream);
> > > +    /* close the stream but do not close the socket, this API is
> > > +     * supposed to not close it if it fails */
> > > +    link->stream->socket = -1;
> > > +    reds_stream_free(link->stream);
> > >      BN_free(link->tiTicketing.bn);
> > >      free(link);
> > 
> > This is getting fairly similar to reds_link_free()?
> > 
> > Christophe
> > 
> 
> yes... wondering why is done this way... maybe to avoid the socket close?

I would guess just we never paid attention to that.

> Maybe in a follow up? This patch try just to avoid the leak.

I think it would be fine for this patch to change error: to
link->stream->socket = -1; reds_link_free(...);

Christophe


> 
> Frediano
> 
> > >      return NULL;
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]     [Monitors]