DGNum/ubus
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

libubus: nullify stale msgbuf pointer in case of ubus_connect_ctx() failure

Browse source 
If the ubus_reconnect() call fails in ubus_connect_ctx(), the msgbuf.data
newly allocated buffer is freed, but its pointer in the ubus_context is not
removed.

This leads to a double free error if ubus_auto_shutdown() is called for cleanup
after ubus_auto_connect() failed to connect to ubusd.

Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
This commit is contained in:
Eyal Birger 2016-05-15 08:13:27 +03:00 committed by Felix Fietkau
parent fcf5d8af65
commit 3b8d4b5653
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
libubus.c
View file

@ -294,6 +294,7 @@ int ubus_connect_ctx(struct ubus_context *ctx, const char *path)
avl_init(&ctx->objects, ubus_cmp_id, false, NULL);
if (ubus_reconnect(ctx, path)) {
free(ctx->msgbuf.data);
ctx->msgbuf.data = NULL;
return -1;
}