github-starred/barrier
2
0
Fork 0
mirror of https://github.com/debauchee/barrier.git synced 2026-05-15 14:16:02 -06:00
Code Issues 1.0k Projects Packages Wiki Activity Actions

[PR #1350] [MERGED] Fix file descriptor leak on incomplete connections [SECURITY VULNERABILITY CVE-2021-42075] #1791

New issue
Closed
opened 2026-05-05 08:02:00 -06:00 by gitea-mirror · 0 comments
gitea-mirror commented 2026-05-05 08:02:00 -06:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/debauchee/barrier/pull/1350
Author: @p12tic
Created: 11/1/2021
Status: Merged
Merged: 11/1/2021
Merged by: @p12tic

Base: masterHead: fix-file-handles-leak

📝 Commits (1)

  • deefecc lib/server: Close connection when client app-level handshake fails

📊 Changes

2 files changed (+11 additions, -0 deletions)

View changed files

doc/newsfragments/close-failed-handshake-connections.bugfix (+6 -0)
📝 src/lib/server/ClientListener.cpp (+5 -0)

📄 Description

There was a quite simple bug of not closing file descriptors if app-level handshake fails. This leads to inability to accept further connections once the file descriptors are exhausted.

This PR fixes the following security vulnerability:

  • CVE-2021-42075 DoS via file descriptor exhaustion

The issue has been reported by Matthias Gerstner mgerstner@suse.de @mgerstner. Matthias also provided insights into how best to fix the issues, precise reproduction steps and any used tools and made the maintainer's life as pleasant as possible. Thank you!

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/debauchee/barrier/pull/1350 **Author:** [@p12tic](https://github.com/p12tic) **Created:** 11/1/2021 **Status:** ✅ Merged **Merged:** 11/1/2021 **Merged by:** [@p12tic](https://github.com/p12tic) **Base:** `master` ← **Head:** `fix-file-handles-leak` --- ### 📝 Commits (1) - [`deefecc`](https://github.com/debauchee/barrier/commit/deefecc262319fba9b2f2d8b470ebbc52c412575) lib/server: Close connection when client app-level handshake fails ### 📊 Changes **2 files changed** (+11 additions, -0 deletions) <details> <summary>View changed files</summary> ➕ `doc/newsfragments/close-failed-handshake-connections.bugfix` (+6 -0) 📝 `src/lib/server/ClientListener.cpp` (+5 -0) </details> ### 📄 Description There was a quite simple bug of not closing file descriptors if app-level handshake fails. This leads to inability to accept further connections once the file descriptors are exhausted. This PR fixes the following security vulnerability: - CVE-2021-42075 DoS via file descriptor exhaustion The issue has been reported by Matthias Gerstner mgerstner@suse.de @mgerstner. Matthias also provided insights into how best to fix the issues, precise reproduction steps and any used tools and made the maintainer's life as pleasant as possible. Thank you! --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
gitea-mirror 2026-05-05 08:02:00 -06:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
enhancement/builds/windows-multi-versions-build
martin-furter-barrier-term
enhancement/builds/macos-universal
enhancement/builds/macos-universal-qt6-test
2.3.x
fix/lang-translation/ssl-slash-tls
feature/build/compile/32-bit
feature/build/compile/armv7
testing-framework
README-update
remotes/fork/README-update
remotes/fork/smartzeroconf
smartzeroconf
pages-devel
remotes/fork/pages-devel
pkgconfig
remotes/fork/pkgconfig
release
remotes/fork/release
v2.4.0
v2.3.4
v2.3.3
1.11.0-stable
v1.11.0-rc2
v2.3.2
v1.10.3-stable
v2.3.2-alpha
v2.3.1
v2.3.0
v1.10.2-stable
v1.10.2-rc1
v1.10.2-rc2
v2.1.2
v2.0.8-beta
v2.0.7-beta
v2.0.4-beta
v2.0.3-beta
v2.1.1
v2.1.0
v1.9.1-stable
v2.0.0
v1.9.0-stable
v2.0.0-RC2
v2.0.0-RC1
v2.0.0-stable
v1.8.8-stable
v1.8.7-stable
v1.8.6-stable
v1.8.5-stable
v1.8.4-stable
v1.8.3-stable
v1.8.1-stable
v1.8.0-beta
v1.7.3-stable
v1.7.2-stable
v1.7.1-stable
1.7.0
1.6.3-final
1.6.2
1.6.1
1.6.0
Labels
Clear labels   
HiDPI

   
bounty

   
bsd/freebsd

   
bsd/openbsd

   
bug

   
bug

   
build-infra

   
cantfix

   
critical

   
doc

   
duplicate

   
enhancement

   
fix-available

   
from git

   
from release

   
good first issue

   
help wanted

   
installer/package

   
invalid

   
linux

   
macOS

   
meta

   
needs testing

   
pull-request

Mirrored from GitHub Pull Request

  
query

   
question

   
regression

   
regression

   
v2.4.0

   
windows

   
wontfix

   
work-in-progress
No labels
HiDPI
bounty
bsd/freebsd
bsd/openbsd
bug
bug
build-infra
cantfix
critical
doc
duplicate
enhancement
fix-available
from git
from release
good first issue
help wanted
installer/package
invalid
linux
macOS
meta
needs testing
pull-request
query
question
regression
regression
v2.4.0
windows
wontfix
work-in-progress
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/barrier#1791
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?