[glib/1896-use-after-free-when-calling-g_dbus_connection_flush_sync-in-a-dedicated-thread] gdbus: Use after free when calling g_dbus_connection_flush_sync() in a dedicated thread

From: Milan Crha <mcrha src gnome org>
To: commits-list gnome org
Cc:
Subject: [glib/1896-use-after-free-when-calling-g_dbus_connection_flush_sync-in-a-dedicated-thread] gdbus: Use after free when calling g_dbus_connection_flush_sync() in a dedicated thread
Date: Tue, 8 Oct 2019 16:43:12 +0000 (UTC)

commit 39690a329f1792bffd9874c3e371621ac31279c8
Author: Milan Crha <mcrha redhat com>
Date:   Tue Oct 8 18:42:01 2019 +0200

    gdbus: Use after free when calling g_dbus_connection_flush_sync() in a dedicated thread
    
    Closes #1896

 gio/gdbusprivate.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
---
diff --git a/gio/gdbusprivate.c b/gio/gdbusprivate.c
index 0421ca56c..6a524c37b 100644
--- a/gio/gdbusprivate.c
+++ b/gio/gdbusprivate.c
@@ -1791,12 +1791,10 @@ _g_dbus_worker_flush_sync (GDBusWorker    *worker,
 
       schedule_writing_unlocked (worker, NULL, data, NULL);
     }
-  g_mutex_unlock (&worker->write_lock);
 
   if (data != NULL)
     {
       /* Wait for flush operations to finish. */
-      g_mutex_lock (&worker->write_lock);
       while (worker->write_num_messages_flushed < data->number_to_wait_for)
         {
           g_mutex_unlock (&worker->write_lock);
@@ -1815,6 +1813,8 @@ _g_dbus_worker_flush_sync (GDBusWorker    *worker,
         }
       g_free (data);
     }
+   else
+    g_mutex_unlock (&worker->write_lock);
 
   return ret;
 }

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]