From: Eyal Birger Date: Sun, 15 May 2016 05:13:27 +0000 (+0300) Subject: libubus: nullify stale msgbuf pointer in case of ubus_connect_ctx() failure X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=3b8d4b5653ef47bd2032d377cecfee40b613eb72;p=oweals%2Fubus.git libubus: nullify stale msgbuf pointer in case of ubus_connect_ctx() failure If the ubus_reconnect() call fails in ubus_connect_ctx(), the msgbuf.data newly allocated buffer is freed, but its pointer in the ubus_context is not removed. This leads to a double free error if ubus_auto_shutdown() is called for cleanup after ubus_auto_connect() failed to connect to ubusd. Signed-off-by: Eyal Birger --- diff --git a/libubus.c b/libubus.c index d52faff..8163ff7 100644 --- a/libubus.c +++ b/libubus.c @@ -294,6 +294,7 @@ int ubus_connect_ctx(struct ubus_context *ctx, const char *path) avl_init(&ctx->objects, ubus_cmp_id, false, NULL); if (ubus_reconnect(ctx, path)) { free(ctx->msgbuf.data); + ctx->msgbuf.data = NULL; return -1; }