[Spice-devel] [vdagent-linux] udscs: Fix memory ownership issues with udscs_read_callback
Christophe Fergeau
cfergeau at redhat.com
Fri Nov 25 09:50:07 UTC 2016
On Fri, Nov 25, 2016 at 05:54:56AM +0100, Francois Gouget wrote:
>
> Thanks for this patch, I think it makes the code more consistent and
> cleaner. While rechecking this I think I found a wrinkle though:
>
>
> On Wed, 9 Nov 2016, Christophe Fergeau wrote:
> [...]
> > diff --git a/src/udscs.c b/src/udscs.c
> > index 427a844..b468e71 100644
> > --- a/src/udscs.c
> > +++ b/src/udscs.c
> > @@ -132,6 +132,7 @@ void udscs_destroy_connection(struct udscs_connection **connp)
> > }
> >
> > free(conn->data.buf);
> > + conn->data.buf = NULL;
> >
> > if (conn->next)
> > conn->next->prev = conn->prev;
> > @@ -235,6 +236,7 @@ static void udscs_read_complete(struct udscs_connection **connp)
> > if (!*connp) /* Was the connection disconnected by the callback ? */
> > return;
> > }
> > + free(conn->data.buf);
> >
>
> Why is conn->data.buf not set to NULL here?
>
The code is:
if (conn->read_callback) {
conn->read_callback(connp, &conn->header, conn->data.buf);
if (!*connp) /* Was the connection disconnected by the callback ? */
return;
}
free(conn->data.buf);
conn->header_read = 0;
memset(&conn->data, 0, sizeof(conn->data));
This memset should 'buf' to NULL. (can't remember if I took that into account
while writing the patch though :)
Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/spice-devel/attachments/20161125/b619d35e/attachment.sig>
More information about the Spice-devel
mailing list