router_area last. This avoids use before free errors.This closes #817.

gmurthy Fri, 07 Aug 2020 13:27:22 -0700

This is an automated email from the ASF dual-hosted git repository.

gmurthy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/qpid-dispatch.git



The following commit(s) were added to refs/heads/master by this push:
     new 5b86df5  DISPATCH-1738: Free the qd->router_id and qd->router_area 
last. This avoids use before free errors.This closes #817.
5b86df5 is described below

commit 5b86df5d69655c83aa9b252d9b836a180fd856ab
Author: Ganesh Murthy <gmur...@apache.org>
AuthorDate: Fri Aug 7 12:11:45 2020 -0400

    DISPATCH-1738: Free the qd->router_id and qd->router_area last. This avoids 
use before free errors.This closes #817.
---
 src/dispatch.c                | 4 ++--
 src/router_core/router_core.c | 8 ++++++++
 src/router_node.c             | 7 +++++++
 3 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/dispatch.c b/src/dispatch.c
index 7176562..fd213cc 100644
--- a/src/dispatch.c
+++ b/src/dispatch.c
@@ -358,8 +358,6 @@ static void qd_dispatch_set_router_area(qd_dispatch_t *qd, 
char *_area) {
 void qd_dispatch_free(qd_dispatch_t *qd)
 {
     if (!qd) return;
-    qd_dispatch_set_router_id(qd, NULL);
-    qd_dispatch_set_router_area(qd, NULL);
     free(qd->sasl_config_path);
     free(qd->sasl_config_name);
     qd_connection_manager_free(qd->connection_manager);
@@ -371,6 +369,8 @@ void qd_dispatch_free(qd_dispatch_t *qd)
     qd_log_finalize();
     qd_alloc_finalize();
     qd_python_finalize();
+    qd_dispatch_set_router_id(qd, NULL);
+    qd_dispatch_set_router_area(qd, NULL);
 }
 
 
diff --git a/src/router_core/router_core.c b/src/router_core/router_core.c
index d2d24d9..b35954c 100644
--- a/src/router_core/router_core.c
+++ b/src/router_core/router_core.c
@@ -105,9 +105,17 @@ void qdr_core_free(qdr_core_t *core)
     // Stop and join the thread
     //
     core->running = false;
+
     sys_cond_signal(core->action_cond);
     sys_thread_join(core->thread);
 
+    //
+    // The char* core->router_id and core->router_area are owned by 
qd->router_id and qd->router_area respectively
+    // We will set them to zero here just in case anybody tries to use these 
fields.
+    //
+    core->router_id = 0;
+    core->router_area = 0;
+
     // Drain the general work lists
     qdr_general_handler(core);
 
diff --git a/src/router_node.c b/src/router_node.c
index 0597ba0..4fdf3ad 100644
--- a/src/router_node.c
+++ b/src/router_node.c
@@ -1992,6 +1992,13 @@ void qd_router_free(qd_router_t *router)
 {
     if (!router) return;
 
+    //
+    // The char* router->router_id and router->router_area are owned by 
qd->router_id and qd->router_area respectively
+    // We will set them to zero here just in case anybody tries to use these 
fields.
+    //
+    router->router_id = 0;
+    router->router_area = 0;
+
     qd_container_set_default_node_type(router->qd, 0, 0, QD_DIST_BOTH);
 
     qdr_core_free(router->router_core);


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org
For additional commands, e-mail: commits-h...@qpid.apache.org

[qpid-dispatch] branch master updated: DISPATCH-1738: Free the qd->router_id and qd->router_area last. This avoids use before free errors.This closes #817.

Reply via email to