[patch] Accessing freed memory crash
- From: Mikulas Patocka <mikulas artax karlin mff cuni cz>
- To: mc-devel gnome org
- Subject: [patch] Accessing freed memory crash
- Date: Fri, 11 Aug 2006 01:49:48 +0200 (CEST)
Hi
check_selects calls a callback when there is an event on handle. The
callback itself can remove the event with delete_select_channel --- when
it happens, check_selects accesses defunct p->next pointer and crash may
happen. (I reproduced crash on this when inserting sleep(1) somewhere in
background-handling code to debug unrelated issues --- it is likely that
the crash may happen normally too, but with small probability).
This is the fix:
--- key.c_ 2006-08-11 01:49:19.000000000 +0200
+++ key.c 2006-08-11 01:49:31.000000000 +0200
@@ -185,9 +185,13 @@
if (disabled_channels)
return;
+ retry:
for (p = select_list; p; p = p->next)
- if (FD_ISSET (p->fd, select_set))
+ if (FD_ISSET (p->fd, select_set)) {
+ FD_CLR (p->fd, select_set);
(*p->callback)(p->fd, p->info);
+ goto retry;
+ }
}
void channels_down (void)
Mikulas
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
