mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00

Fix Ncat crash on concurrent ssl connections

Reported on debian bugtracker here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724580

We can't remove an fdinfo from client_fdlist and still expect to access
the fdinfo via a pointer we got from get_fdinfo(&client_fdlist) since
rm_fd() modifies the data at the address pointed to. So instead of
removing it from the list and then adding it right back, we just don't
remove it in the first place.
dmiller
2014-10-21 05:50:36 +00:00
parent dacc9b8549
commit 3b6ea5a9e5


@@ -354,7 +354,6 @@ static int ncat_listen_stream(int proto)
case NCAT_SSL_HANDSHAKE_COMPLETED: case NCAT_SSL_HANDSHAKE_COMPLETED:
/* Clear from sslpending_fds once ssl is established */ /* Clear from sslpending_fds once ssl is established */
FD_CLR(i, &sslpending_fds); FD_CLR(i, &sslpending_fds);
rm_fd(&client_fdlist, i);
post_handle_connection(*fdi); post_handle_connection(*fdi);
break; break;
case NCAT_SSL_HANDSHAKE_PENDING_WRITE: case NCAT_SSL_HANDSHAKE_PENDING_WRITE:
@@ -529,6 +528,10 @@ static void post_handle_connection(struct fdinfo sinfo)
/* add to our lists */ /* add to our lists */
FD_SET(sinfo.fd, &master_readfds); FD_SET(sinfo.fd, &master_readfds);
/* add it to our list of fds for maintaining maxfd */ /* add it to our list of fds for maintaining maxfd */
#ifdef HAVE_OPENSSL
/* Don't add it twice (see handle_connection above) */
if (!o.ssl)
#endif
if (add_fdinfo(&client_fdlist, &sinfo) < 0) if (add_fdinfo(&client_fdlist, &sinfo) < 0)
bye("add_fdinfo() failed."); bye("add_fdinfo() failed.");
} }
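Review bot: The added `if (!o.ssl)` guard in post_handle_connection() decides whether to call add_fdinfo() from the global SSL option rather than from whether this fd is already in client_fdlist, so it relies on handle_connection() having added the entry on every SSL path. If the two ever diverge, the fd is either added twice or missing from the list used for maintaining maxfd, and neither case is detected here. Checking membership directly would keep the invariant local, e.g. `if (get_fdinfo(&client_fdlist, sinfo.fd) == NULL && add_fdinfo(&client_fdlist, &sinfo) < 0)`, assuming get_fdinfo() takes the fd as its second argument, which the hunk does not show. Separately, the unbraced `if` inside `#ifdef HAVE_OPENSSL` governs the next unbraced `if`; bracing both would stop a later inserted statement from silently changing which condition `bye()` hangs on. The start of the function is outside the hunk.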