[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnunet] 17/28: PEERSTORE: fix write-after-free in handle_{iterate_end,w
From: |
gnunet |
Subject: |
[gnunet] 17/28: PEERSTORE: fix write-after-free in handle_{iterate_end,watch_record} |
Date: |
Mon, 06 Feb 2023 06:19:19 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
commit ecea740a0ca2801db85482e5f26c550fe05c9ac3
Author: ulfvonbelow <strilen@tilde.club>
AuthorDate: Sun Jan 29 06:17:52 2023 -0600
PEERSTORE: fix write-after-free in handle_{iterate_end,watch_record}
One of the tests - I forget which one, didn't write it down at the time -
actually does cause h to be freed in its callback. If this isn't supposed to
be allowed, we should find and fix that test.
Signed-off-by: Martin Schanzenbach <schanzen@gnunet.org>
---
src/peerstore/peerstore_api.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/peerstore/peerstore_api.c b/src/peerstore/peerstore_api.c
index b3e793d93..1c13369cf 100644
--- a/src/peerstore/peerstore_api.c
+++ b/src/peerstore/peerstore_api.c
@@ -608,9 +608,10 @@ handle_iterate_end (void *cls, const struct
GNUNET_MessageHeader *msg)
callback_cls = ic->callback_cls;
ic->iterating = GNUNET_NO;
GNUNET_PEERSTORE_iterate_cancel (ic);
+ /* NOTE: set this here and not after callback because callback may free h */
+ h->reconnect_delay = GNUNET_TIME_UNIT_ZERO;
if (NULL != callback)
callback (callback_cls, NULL, NULL);
- h->reconnect_delay = GNUNET_TIME_UNIT_ZERO;
}
@@ -781,9 +782,9 @@ handle_watch_record (void *cls, const struct
StoreRecordMessage *msg)
disconnect_and_schedule_reconnect (h);
return;
}
+ h->reconnect_delay = GNUNET_TIME_UNIT_ZERO;
if (NULL != wc->callback)
wc->callback (wc->callback_cls, record, NULL);
- h->reconnect_delay = GNUNET_TIME_UNIT_ZERO;
PEERSTORE_destroy_record (record);
}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [gnunet] branch master updated (d8cbbb5b6 -> dc5501061), gnunet, 2023/02/06
- [gnunet] 01/28: -Fix -Wstacl-protector typo., gnunet, 2023/02/06
- [gnunet] 02/28: NAT: don't leak AddrEntries when unregistering., gnunet, 2023/02/06
- [gnunet] 03/28: -Miscellaneous mostly-comment typo fixes., gnunet, 2023/02/06
- [gnunet] 04/28: -CORE: fix memory leak in test., gnunet, 2023/02/06
- [gnunet] 08/28: -GNS: use proper config file name in test_proxy.sh., gnunet, 2023/02/06
- [gnunet] 11/28: HELLO: fix memory leak in GNUNET_HELLO_extract_address., gnunet, 2023/02/06
- [gnunet] 17/28: PEERSTORE: fix write-after-free in handle_{iterate_end,watch_record},
gnunet <=
- [gnunet] 18/28: RECLAIM: rename G_D_key_covert_... to G_D_key_convert_..., gnunet, 2023/02/06
- [gnunet] 12/28: JSON: fix memory leaks in test., gnunet, 2023/02/06
- [gnunet] 06/28: DHT: remove "memory leak" in gnunet-dht-{get,put}., gnunet, 2023/02/06
- [gnunet] 05/28: -DATACACHE: fix memory leaks in tests., gnunet, 2023/02/06
- [gnunet] 07/28: FS: fix memory leak in GNUNET_FS_search_stop., gnunet, 2023/02/06
- [gnunet] 09/28: GNSRECORD: fix memory leaks in tests., gnunet, 2023/02/06
- [gnunet] 16/28: NAMESTORE: avoid use-after-free in handle_record_result., gnunet, 2023/02/06
- [gnunet] 15/28: NAMESTORE: fix overread in handle_record_store., gnunet, 2023/02/06
- [gnunet] 13/28: -NAMESTORE: fix memory leaks in tests., gnunet, 2023/02/06
- [gnunet] 14/28: NAMESTORE: fix memory leak in parse_recordline., gnunet, 2023/02/06