[S] Change in libosmo-netif[master]: stream_{cli,srv}: Free received messages when not forwarded

jolly Thu, 29 Feb 2024 00:28:16 -0800

jolly has uploaded this change for review. ( 
https://gerrit.osmocom.org/c/libosmo-netif/+/36125?usp=email )



Change subject: stream_{cli,srv}: Free received messages when not forwarded
......................................................................

stream_{cli,srv}: Free received messages when not forwarded

If a message is not forwarded (to a read callback function, it must be
freed, to prevent memory leaks.

The message musst be freed before calling osmo_stream_srv_destroy() or
stream_cli_handle_connecting(), because within the function calls the
client/server instance may get destroyed and the message is 'owned' by
it. Calling msgb_free(msg) afterwards may result in double free bug.

Related: OS#5753
Change-Id: Ic043f11cdba0df9e0b78cac8db7206800098e0ba
---
M src/stream_cli.c
M src/stream_srv.c
2 files changed, 26 insertions(+), 0 deletions(-)



  git pull ssh://gerrit.osmocom.org:29418/libosmo-netif refs/changes/25/36125/1

diff --git a/src/stream_cli.c b/src/stream_cli.c
index f9e52a0..61fb4b7 100644
--- a/src/stream_cli.c
+++ b/src/stream_cli.c
@@ -439,6 +439,7 @@

        switch (cli->state) {
        case STREAM_CLI_STATE_CONNECTING:
+               msgb_free(msg);
                stream_cli_handle_connecting(cli, res);
                break;
        case STREAM_CLI_STATE_CONNECTED:
@@ -447,6 +448,8 @@
                /* Forward message to read callback, also if the connection 
failed. */
                if (cli->iofd_read_cb)
                        cli->iofd_read_cb(cli, msg);
+               else
+                       msgb_free(msg);
                break;
        default:
                osmo_panic("%s() called with unexpected state %d\n", __func__, 
cli->state);
@@ -488,6 +491,7 @@

        switch (cli->state) {
        case STREAM_CLI_STATE_CONNECTING:
+               msgb_free(msg);
                stream_cli_handle_connecting(cli, res);
                break;
        case STREAM_CLI_STATE_CONNECTED:
@@ -496,6 +500,8 @@
                /* Forward message to read callback, also if the connection 
failed. */
                if (cli->iofd_read_cb)
                        cli->iofd_read_cb(cli, msg);
+               else
+                       msgb_free(msg);
                break;
        default:
                osmo_panic("%s() called with unexpected state %d\n", __func__, 
cli->state);
diff --git a/src/stream_srv.c b/src/stream_srv.c
index f82a9a0..852154a 100644
--- a/src/stream_srv.c
+++ b/src/stream_srv.c
@@ -562,6 +562,7 @@

        if (OSMO_UNLIKELY(res <= 0)) {
                /* This connection is dead, destroy it. */
+               msgb_free(msg);
                osmo_stream_srv_destroy(conn);
        } else {
                if (conn->flags & OSMO_STREAM_SRV_F_FLUSH_DESTROY) {
@@ -609,6 +610,7 @@

        if (OSMO_UNLIKELY(res <= 0)) {
                /* This connection is dead, destroy it. */
+               msgb_free(msg);
                osmo_stream_srv_destroy(conn);
        } else {
                if (conn->flags & OSMO_STREAM_SRV_F_FLUSH_DESTROY) {

--
To view, visit https://gerrit.osmocom.org/c/libosmo-netif/+/36125?usp=email
To unsubscribe, or for help writing mail filters, visit 
https://gerrit.osmocom.org/settings

Gerrit-Project: libosmo-netif
Gerrit-Branch: master
Gerrit-Change-Id: Ic043f11cdba0df9e0b78cac8db7206800098e0ba
Gerrit-Change-Number: 36125
Gerrit-PatchSet: 1
Gerrit-Owner: jolly <andr...@eversberg.eu>
Gerrit-MessageType: newchange

[S] Change in libosmo-netif[master]: stream_{cli,srv}: Free received messages when not forwarded

Reply via email to