shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-02-18 17:57:27 +03:00
Code

resolve: fix potential memleak and use-after-free

Browse Source 
When stub stream is closed early, then queries associated to the stream
are freed. Previously, the timer event source for queries may not be
disabled, hence may be triggered with already freed query.
See also dns_stub_stream_complete().

Note that we usually not set NULL or zero when freeing simple objects.
But, here DnsQuery is large and complicated object, and the element may
be referenced in subsequent freeing process in the future. Hence, for
safety, let's set NULL to the pointer.
This commit is contained in:
Yu Watanabe 2022-02-05 21:37:01 +09:00
parent ec82f867ee
commit 73bfd7be04
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/resolve/resolved-dns-query.c
View File

@ -381,6 +381,8 @@ DnsQuery *dns_query_free(DnsQuery *q) {
if (!q)
return NULL;
q->timeout_event_source = sd_event_source_disable_unref(q->timeout_event_source);
while (q->auxiliary_queries)
dns_query_free(q->auxiliary_queries);