When freeing a connection remove also all the cached entries related to this connection, otherwise if we access this cached entry through another valid connection, we will hit memory corruption bugs.
Signed-off-by: Djalal Harouni <tix...@opendz.org> --- connection.c | 4 +++- domain.h | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/connection.c b/connection.c index 542f677..6566117 100644 --- a/connection.c +++ b/connection.c @@ -1545,8 +1545,10 @@ static void __kdbus_conn_free(struct kref *kref) if (conn->ep->policy_db) kdbus_policy_remove_conn(conn->ep->policy_db, conn); - if (conn->bus->policy_db) + if (conn->bus->policy_db) { + kdbus_policy_remove_conn(conn->bus->policy_db, conn); kdbus_policy_remove_owner(conn->bus->policy_db, conn); + } kdbus_meta_free(conn->owner_meta); kdbus_match_db_free(conn->match_db); diff --git a/domain.h b/domain.h index 91a7d5e..9c477db 100644 --- a/domain.h +++ b/domain.h @@ -71,7 +71,7 @@ struct kdbus_domain { /** * struct kdbus_domain_user - resource accounting for users * @kref: Reference counter - * @domain: Domain of the user + * @domain: Domain of the user * @hentry: Entry in domain user map * @idr: Smalles possible index number of all users * @uid: UID of the user -- 1.9.0 _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel