Move closefrom() to before first malloc.

When built against tcmalloc, tcmalloc allocates a descriptor for its internal use, so calling closefrom() afterward causes the descriptor number to be reused resulting in a corrupted connection. Moving the closefrom a little earlier should resolve this. From kircherlike at outlook.com via bz#3321, ok djm@
openssh · Jun 25, 2021 · c9f7bba · c9f7bba
1 parent 7ebfe4e
commit c9f7bba
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/ssh.c b/ssh.c
@@ -653,6 +653,12 @@ main(int ac, char **av)
 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
 	sanitise_stdfd();
 
+	/*
+	 * Discard other fds that are hanging around. These can cause problem
+	 * with backgrounded ssh processes started by ControlPersist.
+	 */
+	closefrom(STDERR_FILENO + 1);
+
 	__progname = ssh_get_progname(av[0]);
 
 #ifndef HAVE_SETPROCTITLE
@@ -668,12 +674,6 @@ main(int ac, char **av)
 
 	seed_rng();
 
-	/*
-	 * Discard other fds that are hanging around. These can cause problem
-	 * with backgrounded ssh processes started by ControlPersist.
-	 */
-	closefrom(STDERR_FILENO + 1);
-
 	/* Get user data. */
 	pw = getpwuid(getuid());
 	if (!pw) {