Mercurial > dropbear
comparison netio.c @ 1801:4983a6bc1f51
fuzz: fix crash in newtcpdirect(), don't close the channel too early
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Fri, 05 Mar 2021 22:51:11 +0800 |
parents | f680a19bd559 |
children | 6022df862942 |
comparison
equal
deleted
inserted
replaced
1800:c584b5602bd8 | 1801:4983a6bc1f51 |
---|---|
177 { | 177 { |
178 struct dropbear_progress_connection *c = NULL; | 178 struct dropbear_progress_connection *c = NULL; |
179 int err; | 179 int err; |
180 struct addrinfo hints; | 180 struct addrinfo hints; |
181 | 181 |
182 #if DROPBEAR_FUZZ | |
183 if (fuzz.fuzzing) { | |
184 return fuzz_connect_remote(remotehost, remoteport, cb, cb_data, bind_address, bind_port); | |
185 } | |
186 #endif | |
187 | |
188 c = m_malloc(sizeof(*c)); | 182 c = m_malloc(sizeof(*c)); |
189 c->remotehost = m_strdup(remotehost); | 183 c->remotehost = m_strdup(remotehost); |
190 c->remoteport = m_strdup(remoteport); | 184 c->remoteport = m_strdup(remoteport); |
191 c->sock = -1; | 185 c->sock = -1; |
192 c->cb = cb; | 186 c->cb = cb; |
193 c->cb_data = cb_data; | 187 c->cb_data = cb_data; |
194 | 188 |
195 list_append(&ses.conn_pending, c); | 189 list_append(&ses.conn_pending, c); |
190 | |
191 #if DROPBEAR_FUZZ | |
192 if (fuzz.fuzzing) { | |
193 c->errstring = m_strdup("fuzzing connect_remote always fails"); | |
194 return c; | |
195 } | |
196 #endif | |
196 | 197 |
197 memset(&hints, 0, sizeof(hints)); | 198 memset(&hints, 0, sizeof(hints)); |
198 hints.ai_socktype = SOCK_STREAM; | 199 hints.ai_socktype = SOCK_STREAM; |
199 hints.ai_family = AF_UNSPEC; | 200 hints.ai_family = AF_UNSPEC; |
200 | 201 |