Hi Martin,
On 10/8/19 1:44 PM, Martin Hundebøll wrote:
With the reference in place in received_data(), the address sanitizer
now encounters a use-after-free when the destroy notification is
dispatched for the read watcher (see below).
Fix this by remove the destroy notification callback, as it
Hi Martin,
On 10/8/19 1:44 PM, Martin Hundebøll wrote:
When closing down a cmux object, the address sanitizer detects a
use-after-free in gatmux.c (see below).
Avoid this by taking a reference to the mux object during the processing
in received_data().
Applied, thanks.
Regards,
-Denis
_
Hi Martin,
I'm afraid this isn't enough, as I still get use-after-free when
using gatmux in the quectel plugin (see attached log).
That buffer size check is a bit dubious and should never happen in
practice, it is also something that one cannot recover from if the
condition does get hit. I
On 08/10/2019 06.06, Denis Kenzior wrote:
On 10/7/19 1:37 PM, Martin Hundebøll wrote:
Why not do something like:
g_at_mux_ref(mux);
for (i = 1; i <= MAX_CHANNELS && !mux->shutdown; i++) {
int offset = i / 8;
int bit
Hi Denis,
On 08/10/2019 06.08, Denis Kenzior wrote:
@@ -646,13 +653,6 @@ void g_at_mux_unref(GAtMux *mux)
}
}
-static void read_watcher_destroy_notify(gpointer user_data)
-{
- GAtMux *mux = user_data;
-
- mux->read_watch = 0;
-}
-
gboolean g_at_mux_start(GAtMux *mux)
{
if
With the reference in place in received_data(), the address sanitizer
now encounters a use-after-free when the destroy notification is
dispatched for the read watcher (see below).
Fix this by remove the destroy notification callback, as it isn't really
used except in the shutdown function.
==5797
When closing down a cmux object, the address sanitizer detects a
use-after-free in gatmux.c (see below).
Avoid this by taking a reference to the mux object during the processing
in received_data().
ofonod[3640549]: ../git/plugins/quectel.c:cfun_disable() 0x61000b40
ofonod[3640549]: ../git/plu