Good catch. I will push this later today. -Nathan
On Aug 6, 2013, at 2:16 PM, Chris Dickens <christopher.a.dick...@gmail.com> wrote: > When a transfer is submitted, the device is referenced in > libusb_submit_transfer() > and unreferenced in usbi_handle_transfer_completion(). This transfer could > potentially > be freed by any user callback, or is freed by libusb if > LIBUSB_TRANSFER_FREE_TRANSFER > is set in the flags. The call to unreference the device uses this potentially > freed > memory. Reading the device handle beforehand will prevent this disaster. > --- > libusb/io.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/libusb/io.c b/libusb/io.c > index 64712c2..d766ccf 100644 > --- a/libusb/io.c > +++ b/libusb/io.c > @@ -1524,6 +1524,7 @@ int usbi_handle_transfer_completion(struct > usbi_transfer *itransfer, > struct libusb_transfer *transfer = > USBI_TRANSFER_TO_LIBUSB_TRANSFER(itransfer); > struct libusb_context *ctx = TRANSFER_CTX(transfer); > + struct libusb_device_handle *handle = transfer->dev_handle; > uint8_t flags; > int r = 0; > > @@ -1564,7 +1565,7 @@ int usbi_handle_transfer_completion(struct > usbi_transfer *itransfer, > usbi_mutex_lock(&ctx->event_waiters_lock); > usbi_cond_broadcast(&ctx->event_waiters_cond); > usbi_mutex_unlock(&ctx->event_waiters_lock); > - libusb_unref_device(transfer->dev_handle->dev); > + libusb_unref_device(handle->dev); > return 0; > } > > -- > 1.8.1.1 > > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite! > It's a free troubleshooting tool designed for production. > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk > _______________________________________________ > libusbx-devel mailing list > libusbx-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/libusbx-devel ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk _______________________________________________ libusbx-devel mailing list libusbx-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libusbx-devel
