Fix Ncat crash on concurrent ssl connections

Reported on debian bugtracker here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724580 We can't remove an fdinfo from client_fdlist and still expect to access the fdinfo via a pointer we got from get_fdinfo(&client_fdlist) since rm_fd() modifies the data at the address pointed to. So instead of removing it from the list and then adding it right back, we just don't remove it in the first place.
2025-12-06 04:31:29 +00:00 · 2014-10-21 05:50:36 +00:00
parent dacc9b8549
commit 3b6ea5a9e5
1 changed files with 4 additions and 1 deletions
--- a/ncat/ncat_listen.c
+++ b/ncat/ncat_listen.c
@@ -354,7 +354,6 @@ static int ncat_listen_stream(int proto)
                case NCAT_SSL_HANDSHAKE_COMPLETED:
                    /* Clear from sslpending_fds once ssl is established */
                    FD_CLR(i, &sslpending_fds);
-                    rm_fd(&client_fdlist, i);
                    post_handle_connection(*fdi);
                    break;
                case NCAT_SSL_HANDSHAKE_PENDING_WRITE:
@@ -529,6 +528,10 @@ static void post_handle_connection(struct fdinfo sinfo)
            /* add to our lists */
            FD_SET(sinfo.fd, &master_readfds);
            /* add it to our list of fds for maintaining maxfd */
+#ifdef HAVE_OPENSSL
+            /* Don't add it twice (see handle_connection above) */
+            if (!o.ssl)
+#endif
            if (add_fdinfo(&client_fdlist, &sinfo) < 0)
                bye("add_fdinfo() failed.");
        }