[PATCH] Fix crash in sock_daemon_test (bug 12510)
Stefan Metzmacher
metze at samba.org
Mon Jan 16 16:25:59 UTC 2017
Hi Amitay,
pushed, thanks!
metze
>>> These patches fix the "use after free" memory access causing SEGV in
>>> sock_daemon_test.
>>>
>>> As per metze's valuable suggestions I have also fixed the following
>>> - use consistent naming convention
>>> - avoid layer violations by accessing top-level req in destructor
>>> - Instead of freeing sock_daemon_context to terminate the damon, I have
>> now
>>> added callback functions wait_send/recv which can be used to signal the
>>> termination condition.
>>
>>
>>> +static void sock_daemon_reconfigure(struct sock_daemon_run_state
>> *state);
>>> +static void sock_daemon_shutdown(struct sock_daemon_run_state *state);
>>> static void sock_daemon_socket_fail(struct tevent_req *subreq);
>>> static void sock_daemon_watch_pid(struct tevent_req *subreq);
>>> -static void sock_daemon_reconfigure(struct sock_daemon_start_state
>> *state);
>>> -static void sock_daemon_shutdown(struct sock_daemon_start_state *state);
>>
>> Can you please also rename the functions to have a
>> sock_daemon_run_ prefix?
>>
>> And sock_daemon_reconfigure() and sock_daemon_shutdown() should take
>> struct tevent_req *req as argument followed by
>>
>> + struct sock_daemon_run_state *state = tevent_req_data(
>> + req, struct sock_daemon_run_state);
>>
>>
>> I think sock_daemon_socket_fail() should keep the possible
>> tevent_req_error()
>> you should just move the sock_daemon_shutdown() call.
>>
>> metze
>>
>>
> Here is v2 patchset that fixes all the above mentioned issues.
>
> Please review and push.
>
> Amitay.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20170116/5bd66e3e/signature.sig>
More information about the samba-technical
mailing list