Fix double-free segmentation fault in concurrent tunnel cleanup

- Remove duplicate remove_tunnel() call in handle_connection cleanup - Prevent double-free of tunnel resources during concurrent connection cleanup - Ensure proper thread synchronization during tunnel cleanup - Fix race condition between forwarding thread exit and cleanup

Fix double-free segmentation fault in concurrent tunnel cleanup
- Remove duplicate remove_tunnel() call in handle_connection cleanup - Prevent double-free of tunnel resources during concurrent connection cleanup - Ensure proper thread synchronization during tunnel cleanup - Fix race condition between forwarding thread exit and cleanup
4fd5bcc3 · Stefy Lanza (nextime / spora ) · 220bdb98 · 4fd5bcc3
Commit 4fd5bcc3 authored Sep 18, 2025 by Stefy Lanza (nextime / spora )
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 5 deletions

modes.c wssshtools/libwsssht/modes.c +3 -5

No files found.
--- a/wssshtools/libwsssht/modes.c
+++ b/wssshtools/libwsssht/modes.c
@@ -1267,7 +1267,7 @@ cleanup_and_exit:
        }
    }
-    // Cleanup
+    // Cleanup - close resources and remove from global array
    if (new_tunnel) {
        if (new_tunnel->local_sock >= 0) {
            close(new_tunnel->local_sock);
@@ -1275,13 +1275,11 @@ cleanup_and_exit:
        if (new_tunnel->ssl) {
            SSL_free(new_tunnel->ssl);
        }
-        // Remove tunnel from global array
+        // Remove tunnel from global array and free it
        pthread_mutex_lock(&tunnel_mutex);
        remove_tunnel(new_tunnel->request_id);
        pthread_mutex_unlock(&tunnel_mutex);
-        frame_buffer_free(new_tunnel->incoming_buffer);
-        free(new_tunnel);
    }
    if (config->debug) {