Mercurial > dropbear
diff netio.c @ 1801:4983a6bc1f51
fuzz: fix crash in newtcpdirect(), don't close the channel too early
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Fri, 05 Mar 2021 22:51:11 +0800 |
| parents | f680a19bd559 |
| children | 6022df862942 |
line wrap: on
line diff
--- a/netio.c Fri Mar 05 21:13:20 2021 +0800 +++ b/netio.c Fri Mar 05 22:51:11 2021 +0800 @@ -179,12 +179,6 @@ int err; struct addrinfo hints; -#if DROPBEAR_FUZZ - if (fuzz.fuzzing) { - return fuzz_connect_remote(remotehost, remoteport, cb, cb_data, bind_address, bind_port); - } -#endif - c = m_malloc(sizeof(*c)); c->remotehost = m_strdup(remotehost); c->remoteport = m_strdup(remoteport); @@ -194,6 +188,13 @@ list_append(&ses.conn_pending, c); +#if DROPBEAR_FUZZ + if (fuzz.fuzzing) { + c->errstring = m_strdup("fuzzing connect_remote always fails"); + return c; + } +#endif + memset(&hints, 0, sizeof(hints)); hints.ai_socktype = SOCK_STREAM; hints.ai_family = AF_UNSPEC;