guacamole-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Jumper (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (GUACAMOLE-117) File descriptor leak if SSL/TLS negotiation fails
Date Sat, 12 Nov 2016 00:51:58 GMT

     [ https://issues.apache.org/jira/browse/GUACAMOLE-117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Michael Jumper resolved GUACAMOLE-117.
--------------------------------------
    Resolution: Fixed

> File descriptor leak if SSL/TLS negotiation fails
> -------------------------------------------------
>
>                 Key: GUACAMOLE-117
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-117
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacd
>            Reporter: Michael Jumper
>            Assignee: Michael Jumper
>             Fix For: 0.9.11-incubating
>
>
> From downstream [GUAC-1572|https://glyptodon.org/jira/browse/GUAC-1572]:
> {quote}
> In guacd's SSL/TLS socket implementation, the file descriptor is not closed if {{SSL_accept()}}
fails, resulting in a leak. See:
> https://github.com/apache/incubator-guacamole-server/blob/16a8b9b94bfe35e5eba0079965856e46533c79c0/src/guacd/connection.c#L377-L382
> {{guac_socket_open_secure()}} should not free the file descriptor itself (having a failed
allocation do anything but return an error code would violate the Principle of Least Surprise),
but callers of {{guac_socket_open_secure()}} should handle error conditions properly and clean
up after themselves.
> {quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message