summaryrefslogtreecommitdiff
path: root/src/lib/dev.c
diff options
context:
space:
mode:
authorDimitri Staessens <[email protected]>2022-03-31 08:58:23 +0200
committerSander Vrijders <[email protected]>2022-04-01 08:09:22 +0200
commitccfcc0efcff8b3460a7870541df09d537bfeae8f (patch)
treef13dbe9792a9324c408b38bc3d444361b0cd9f58 /src/lib/dev.c
parent369400aab2b464b2ef11d30547f5ca7eee2a4b2a (diff)
downloadouroboros-ccfcc0efcff8b3460a7870541df09d537bfeae8f.tar.gz
ouroboros-ccfcc0efcff8b3460a7870541df09d537bfeae8f.zip
lib: Fix fqueue_next handling of deallocated flows
If a flow was deallocated while there were still unprocessed events in an fqueue, it would cause a SEGV in fqueue_next because it was not checking the validity of the returned flow descriptor. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
Diffstat (limited to 'src/lib/dev.c')
-rw-r--r--src/lib/dev.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/src/lib/dev.c b/src/lib/dev.c
index 7ffc2a0a..9b413bcd 100644
--- a/src/lib/dev.c
+++ b/src/lib/dev.c
@@ -167,7 +167,7 @@ static void port_destroy(struct port * p)
while (p->state != PORT_NULL)
pthread_cond_wait(&p->state_cond, &p->state_lock);
- p->fd = -1;
+ p->fd = -1;
p->state = PORT_INIT;
pthread_mutex_unlock(&p->state_lock);
@@ -1624,6 +1624,12 @@ static int fqueue_filter(struct fqueue * fq)
pthread_rwlock_rdlock(&ai.lock);
fd = ai.ports[fq->fqueue[fq->next].flow_id].fd;
+ if (fd < 0) {
+ ++fq->next;
+ pthread_rwlock_unlock(&ai.lock);
+ continue;
+ }
+
frcti = ai.flows[fd].frcti;
if (frcti == NULL) {
pthread_rwlock_unlock(&ai.lock);
@@ -1657,7 +1663,7 @@ static int fqueue_filter(struct fqueue * fq)
++fq->next;
}
- return fq->next < fq->fqsize;
+ return 0;
}
int fqueue_next(struct fqueue * fq)