cedric pushed a commit to branch master. http://git.enlightenment.org/core/efl.git/commit/?id=6ea18851ba9f345f3fc49a7c154048f2832cdfe9
commit 6ea18851ba9f345f3fc49a7c154048f2832cdfe9 Author: Bryce Harrington <[email protected]> Date: Wed Apr 12 14:38:56 2017 -0700 ecore_con: send server_upgrade event *after* clearing pending saves Summary: The _ecore_con_post_event_server_upgrade() call adds an event to free the server_upgrade object, svr, via _ecore_con_server_free(svr) so we should assume srv is freed after it returns. Thus, perform the pending_slice processing prior to calling it. Otherwise it triggers an illegal access (USE_AFTER_FREE) error in Coverity. @fix CID1373485 Reviewers: barbieri Reviewed By: barbieri Subscribers: cedric, jpeg Differential Revision: https://phab.enlightenment.org/D4785 Signed-off-by: Cedric BAIL <[email protected]> --- src/lib/ecore_con/ecore_con_legacy.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/ecore_con/ecore_con_legacy.c b/src/lib/ecore_con/ecore_con_legacy.c index fd64aab..35cdef8 100644 --- a/src/lib/ecore_con/ecore_con_legacy.c +++ b/src/lib/ecore_con/ecore_con_legacy.c @@ -1347,7 +1347,6 @@ _ecore_con_server_dialer_connected(void *data, const Efl_Event *event EINA_UNUSE { svr->ssl.upgrading = EINA_FALSE; INF("svr=%p upgraded to SSL at %s (%s)", svr, efl_net_dialer_address_dial_get(svr->dialer), efl_net_socket_address_remote_get(svr->dialer)); - _ecore_con_post_event_server_upgrade(svr); if (svr->ssl.pending_send) { Eina_Slice slice = eina_binbuf_slice_get(svr->ssl.pending_send); @@ -1355,6 +1354,7 @@ _ecore_con_server_dialer_connected(void *data, const Efl_Event *event EINA_UNUSE eina_binbuf_free(svr->ssl.pending_send); svr->ssl.pending_send = NULL; } + _ecore_con_post_event_server_upgrade(svr); return; } --
