Fix edge cases: SSL renegotiation, exec programs

2025-12-06 04:31:29 +00:00 · 2022-10-14 00:58:24 +00:00
parent 1251467f88
commit bda95e0437
3 changed files with 22 additions and 5 deletions
--- a/ncat/ncat_exec_win.c
+++ b/ncat/ncat_exec_win.c
@@ -434,6 +434,12 @@ static DWORD WINAPI subprocess_thread_func(void *data)
                n = ncat_recv(&info->fdn, buffer, sizeof(buffer), &pending);
                if (n <= 0)
                {
+                    /* return value can be 0 without meaning EOF in some cases such as SSL
+                     * renegotiations that require read/write socket operations but do not
+                     * have any application data. */
+                    if(n == 0 && fdn->lasterr == 0) {
+                        continue; /* Check pending */
+                    }
                    goto loop_end;
                }
                n_r = n;
--- a/ncat/ncat_listen.c
+++ b/ncat/ncat_listen.c
@@ -674,7 +674,7 @@ int read_socket(int recv_fd)
            /* return value can be 0 without meaning EOF in some cases such as SSL
             * renegotiations that require read/write socket operations but do not
             * have any application data. */
-            if(n == 0 && fdn->lasterr != 0) {
+            if(n == 0 && fdn->lasterr == 0) {
                continue; /* Check pending */
            }
            close_fd(fdn, n == 0);
@@ -742,7 +742,7 @@ static void read_and_broadcast(int recv_fd)
                /* return value can be 0 without meaning EOF in some cases such as SSL
                 * renegotiations that require read/write socket operations but do not
                 * have any application data. */
-                if(n == 0 && fdn->lasterr != 0) {
+                if(n == 0 && fdn->lasterr == 0) {
                    continue; /* Check pending */
                }
                close_fd(fdn, n == 0);
--- a/ncat/ncat_posix.c
+++ b/ncat/ncat_posix.c
@@ -220,9 +220,18 @@ void netexec(struct fdinfo *info, char *cmdexec)

            do {
                n_r = ncat_recv(info, buf, sizeof(buf), &pending);
-                if (n_r <= 0)
+                if (n_r <= 0) {
+                    /* return value can be 0 without meaning EOF in some cases such as SSL
+                     * renegotiations that require read/write socket operations but do not
+                     * have any application data. */
+                    if(n_r == 0 && info->lasterr == 0) {
+                        continue; /* Check pending */
+                    }
                    goto loop_end;
-                write_loop(child_stdin[1], buf, n_r);
+                }
+                r = write_loop(child_stdin[1], buf, n_r);
+                if (r != n_r)
+                  goto loop_end;
            } while (pending);
        }
        if (checked_fd_isset(child_stdout[0], &fds)) {
@@ -235,9 +244,11 @@ void netexec(struct fdinfo *info, char *cmdexec)
                if (fix_line_endings((char *) buf, &n_r, &crlf, &crlf_state))
                    wbuf = crlf;
            }
-            ncat_send(info, wbuf, n_r);
+            r = ncat_send(info, wbuf, n_r);
            if (crlf != NULL)
                free(crlf);
+            if (r <= 0)
+                goto loop_end;
        }
    }
 loop_end: