pespin submitted this change.
osmo_io: Fix msgb memleak if iofd is unregistered during write_cb with >1 io buffers
The msgbs are not allocated under the msghdr, hence if user unregistered
the iofd we need to manually free all remaining msgbs when freeing the
msghdr.
Change-Id: I579bc2142bba02947021c47d94bf2fe4f2040b01
---
M src/core/osmo_io.c
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/src/core/osmo_io.c b/src/core/osmo_io.c
index 2a20405..ddf77ec 100644
--- a/src/core/osmo_io.c
+++ b/src/core/osmo_io.c
@@ -553,7 +553,7 @@
/* The user can unregister/close the iofd during callback above. */
if (!IOFD_FLAG_ISSET(iofd, IOFD_FLAG_FD_REGISTERED))
- break;
+ goto free_remaining_idx;
}
iofd_msghdr_free(msghdr);
return;
@@ -606,9 +606,18 @@
/* The user can unregister/close the iofd during callback above. */
if (!IOFD_FLAG_ISSET(iofd, IOFD_FLAG_FD_REGISTERED))
- break;
+ goto free_remaining_idx;
}
iofd_msghdr_free(msghdr);
+ return;
+
+free_remaining_idx:
+ for (idx = idx + 1; idx < msghdr->io_len; idx++) {
+ msgb_free(msghdr->msg[idx]);
+ msghdr->msg[idx] = NULL;
+ }
+ iofd_msghdr_free(msghdr);
+ return;
}
/* Public functions */
To view, visit change 42412. To unsubscribe, or for help writing mail filters, visit settings.