rayelliott
/
barrier
mirror of https://github.com/debauchee/barrier.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #1350 from p12tic/fix-file-handles-leak 

Fix file descriptor leak on incomplete connections [SECURITY VULNERABILITY CVE-2021-42075]
This commit is contained in:
Povilas Kanapickas 2021-11-01 14:04:45 +02:00 committed by GitHub
parent aaa0e4d2e0 deefecc262
commit caeebf6c36
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/newsfragments/close-failed-handshake-connections.bugfix Normal file
View File

@ -0,0 +1,6 @@
SECURITY ISSUE
Barrier will now correctly close connections when the app-level handshake fails (fixes CVE-2021-42075).
Previously repeated failing connections would leak file descriptors leading to Barrier being unable
to receive new connections from clients.

5
src/lib/server/ClientListener.cpp
View File

@ -194,6 +194,11 @@ ClientListener::handleUnknownClient(const Event&, void* vclient)
new TMethodEventJob<ClientListener>(this, new TMethodEventJob<ClientListener>(this,
&ClientListener::handleClientDisconnected, &ClientListener::handleClientDisconnected,
client)); client));
} else {
auto* stream = unknownClient->getStream();
if (stream) {
stream->close();
}
} }
// now finished with unknown client // now finished with unknown client