session_free: wrong variable used for keeping state

If libssh2_session_free is called without the channel being freed previously by libssh2_channel_free a memory leak could occur. A mismatch of states variables in session_free() prevent the call to libssh2_channel_free function. session->state member is used instead of session->free_state. It causes a leak of around 600 bytes on every connection on my systems (Linux, x64 and PPC). (Debugging done under contract for Accedian Networks) Fixes #246
2012-07-25 01:08:03 +02:00 · 2012-07-25 01:08:03 +02:00 · 6c27922ac1
--- a/src/session.c
+++ b/src/session.c
@ -834,7 +834,7 @@ session_free(LIBSSH2_SESSION *session)
        _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Freeing session resource",
                       session->remote.banner);
-        session->state = libssh2_NB_state_created;
+        session->free_state = libssh2_NB_state_created;
    }
    if (session->free_state == libssh2_NB_state_created) {
@ -845,17 +845,17 @@ session_free(LIBSSH2_SESSION *session)
                return rc;
        }
-        session->state = libssh2_NB_state_sent;
+        session->free_state = libssh2_NB_state_sent;
    }
-    if (session->state == libssh2_NB_state_sent) {
+    if (session->free_state == libssh2_NB_state_sent) {
        while ((l = _libssh2_list_first(&session->listeners))) {
            rc = _libssh2_channel_forward_cancel(l);
            if (rc == LIBSSH2_ERROR_EAGAIN)
                return rc;
        }
-        session->state = libssh2_NB_state_sent1;
+        session->free_state = libssh2_NB_state_sent1;
    }
    if (session->state & LIBSSH2_STATE_NEWKEYS) {