[Bug 160] Race condition in clientloop.c?
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Mar 14 08:25:26 EST 2002
http://bugzilla.mindrot.org/show_bug.cgi?id=160
Nicolas.Williams at ubsw.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From Nicolas.Williams at ubsw.com 2002-03-14 08:25 -------
Aha!
Yes, there is a race. It's there in 2.9p2, but apparently not in 3.0.2p1.
Essentially the
"if (compat20 && session_closed && !channel_still_open())"
check at the top of the client loop is not close enough to the
call to select() in client_wait_until_can_do_something(). In fact,
client_wait_until_can_do_something() calls channel_prepare_select()
which calls channel_handler() which may well call chan_is_dead()
which may leave no channels open and yet
client_wait_until_can_do_something() will still go into the
select().
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-unix-dev
mailing list