ChannelForwardedTCPIP.getPortForwarding(Session) DO NOT CHECK a Session instance.

[parkjunhong]

HI, I'm Park, Jun Hong in Korea.

I have been used a original Jsch and developed a program that maintains a ssh tunneling.

I found a below bug and fixed it for my application.

So, I report this bug and hope to fix this bug for here.

Found Bugs
Recently I've finished a program that provides a remote port forwarding. This program provides 3 functions.

1. Connects a remote port forwarding.
2. Disconnects a remote port forwarding connection.
3. Lists remote port forwarding.

I found a bug that Remote Port Forwardings are mixed, although it's remote server is different from each other.

A method that provides Local Port Forwarding checks a Session instance.

file: com.jcraft.jsch.PortWatcher.java

static String[] getPortForwarding(Session session){
  java.util.Vector foo=new java.util.Vector();
 
  synchronized(pool){
    for(int i=0; i<pool.size(); i++){
      PortWatcher p=(PortWatcher)(pool.elementAt(i));
      if(p.session==session){
        foo.addElement(p.lport+":"+p.host+":"+p.rport);
      }
    }
  }

String[] bar=new String[foo.size()];
for(int i=0; i<foo.size(); i++){
bar[i]=(String)(foo.elementAt(i));
}
return bar;
}
But a method that provides Remote Port Forwardings DO NOT CHECK a Session instance.

file: com.jcraft.jsch.ChannelForwardedTCPIP.java

static String[] getPortForwarding(Session session){
  Vector foo = new Vector();
 
  synchronized(pool){
    for(int i=0; i<pool.size(); i++){
      Config config = (Config)(pool.elementAt(i));
      if(config instanceof ConfigDaemon)
        foo.addElement(config.allocated_rport+":"+config.target+":");
      else
        foo.addElement(config.allocated_rport+":"+config.target+":"+((ConfigLHost)config).lport);
    }
  }
 
  String[] bar=new String[foo.size()];
  for(int i=0; i<foo.size(); i++){
    bar[i]=(String)(foo.elementAt(i));
  }
  return bar;
}

To fix this bug, add codes to check whether config.session is equals to the parameter 'session'.

 static String[] getPortForwarding(Session session) {
        Vector foo = new Vector();
        synchronized (pool) {
            for (int i = 0; i < pool.size(); i++) {
                Config config = (Config) (pool.elementAt(i));
                // (start) [BUG-FIX]: check an instance of a session / Park_Jun_Hong_(parkjunhong77_at_gmail_com): 2020.
                // 5. 25. PM. 5:34:14
                if (!config.session.equals(session)) {
                    continue;
                }
                // (end): 2020. 5. 25. PM. 5:34:14

                if (config instanceof ConfigDaemon)
                    foo.addElement(config.allocated_rport + ":" + config.target + ":");
                else
                    foo.addElement(config.allocated_rport + ":" + config.target + ":" + ((ConfigLHost) config).lport);
            }
        }
        String[] bar = new String[foo.size()];
        for (int i = 0; i < foo.size(); i++) {
            bar[i] = (String) (foo.elementAt(i));
        }
        return bar;
    }

[norrisjeremy]

Hi @parkjunhong,
Could you submit a PR with the proposed changes?
That will help to review and better understand the issue.

[norrisjeremy]

Hi @parkjunhong,

I have included your suggest fix as part of PR #64 (911358b) that I have opened.

Thanks,
Jeremy

[norrisjeremy]

Hi @parkjunhong,

Your suggested fix was included in the 0.1.66 release.

Thanks,
Jeremy