]> asedeno.scripts.mit.edu Git - PuTTY.git/commitdiff
Don't reject _and_ accept X forwarding requests!
authorSimon Tatham <anakin@pobox.com>
Sat, 22 Nov 2014 09:59:37 +0000 (09:59 +0000)
committerSimon Tatham <anakin@pobox.com>
Sat, 22 Nov 2014 15:26:16 +0000 (15:26 +0000)
If a sharing downstream asks for an auth method we don't understand,
we should send them CHANNEL_FAILURE *and then stop processing*. Ahem.

(Spotted while examining this code in the course of Coverity-related
fixes, but not itself a Coverity-found problem.)

sshshare.c

index df64d6fe150492894a03934326c0bafddace930f..54d58a6624bfdb9b19b4d32afb37b2943e9e3751 100644 (file)
@@ -1672,6 +1672,8 @@ static void share_got_pkt_from_downstream(struct ssh_sharing_connstate *cs,
                     PUT_32BIT(recipient_id, chan->downstream_id);
                     send_packet_to_downstream(cs, SSH2_MSG_CHANNEL_FAILURE,
                                               recipient_id, 4, NULL);
+                    sfree(auth_data);
+                    break;
                 }
 
                 chan->x11_auth_proto = auth_proto;