Attention is currently required from: daniel, laforge, pespin. fixeria has posted comments on this change by pespin. ( https://gerrit.osmocom.org/c/libosmo-sigtran/+/40327?usp=email ) Change subject: asp: Avoid double-free of received msg if conn is teared down ...................................................................... Patch Set 2: (3 comments) Patchset: PS2: This looks very similar to https://osmocom.org/issues/6728 (use-after-free/double-free in osmo-bts). If this is it, in how may other places do we have to do `talloc_steal()` before we finally agree on fixing the root problem? File src/ss7_asp.c: https://gerrit.osmocom.org/c/libosmo-sigtran/+/40327/comment/d7ce0d58_ef639… : PS2, Line 884: msg being is by What do you mean here? Is owned by iofd? https://gerrit.osmocom.org/c/libosmo-sigtran/+/40327/comment/6ed4298c_d4a50… : PS2, Line 885: which may be automatically may be what? free()d? -- To view, visit https://gerrit.osmocom.org/c/libosmo-sigtran/+/40327?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: libosmo-sigtran Gerrit-Branch: master Gerrit-Change-Id: I69f80f611c14db2b328dafd4a90247c6f2dac6fd Gerrit-Change-Number: 40327 Gerrit-PatchSet: 2 Gerrit-Owner: pespin <pespin(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: daniel <dwillmann(a)sysmocom.de> Gerrit-Reviewer: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: osmith <osmith(a)sysmocom.de> Gerrit-Attention: laforge <laforge(a)osmocom.org> Gerrit-Attention: pespin <pespin(a)sysmocom.de> Gerrit-Attention: daniel <dwillmann(a)sysmocom.de> Gerrit-Comment-Date: Sat, 24 May 2025 09:03:55 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No