From 16e4f0c52cf2303b02725b69ae16be494a147c56 Mon Sep 17 00:00:00 2001 From: David Barksdale Date: Sun, 12 Nov 2017 21:46:16 -0600 Subject: [PATCH] Fix memory leak and use-after-free --- src/transport/gnunet-service-transport.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/transport/gnunet-service-transport.c b/src/transport/gnunet-service-transport.c index ec4d82164..6b354df98 100644 --- a/src/transport/gnunet-service-transport.c +++ b/src/transport/gnunet-service-transport.c @@ -541,6 +541,13 @@ client_disconnect_cb (void *cls, GNUNET_CONTAINER_multipeermap_iterate (active_stccs, &mark_match_down, tc); + for (struct AddressToStringContext *cur = a2s_head; + NULL != cur; + cur = cur->next) + { + if (cur->tc == tc) + cur->tc = NULL; + } GNUNET_CONTAINER_DLL_remove (clients_head, clients_tail, tc); @@ -864,6 +871,8 @@ transmit_address_to_client (void *cls, GNUNET_assert ( (GNUNET_OK == res) || (GNUNET_SYSERR == res) ); + if (NULL == actx->tc) + return; if (NULL == buf) { env = GNUNET_MQ_msg (atsm, @@ -878,6 +887,7 @@ transmit_address_to_client (void *cls, GNUNET_CONTAINER_DLL_remove (a2s_head, a2s_tail, actx); + GNUNET_free (actx); return; } if (GNUNET_SYSERR == res) -- 2.25.1