the ctdb structure must make its own copy of the ->address field and not just

copy the content of the nodes structure.

this ctdb_address structure contains a pointer which is talloced hanging off the structure itself.
If we copy the content of this structure as we did in assigning to ctdb->address from nodes[i]
then if we talloc_free() the node structure we end up with a wild pointer in ctdb->address

diff --git a/tcp/tcp_connect.c b/tcp/tcp_connect.c
index 1bad440d01a845db46d860b691a78c5700f896f3..f85e3dfdebe39e96401db65cd8ce090f9d3bf62a 100644 (file)
--- a/tcp/tcp_connect.c
+++ b/tcp/tcp_connect.c
@@ -302,7 +302,8 @@ static int ctdb_tcp_listen_automatic(struct ctdb_context *ctdb)
                DEBUG(DEBUG_CRIT,("Unable to bind to any of the node addresses - giving up\n"));
                goto failed;
        }
-       ctdb->address = ctdb->nodes[i]->address;
+       ctdb->address.address = talloc_strdup(ctdb, ctdb->nodes[i]->address.address);
+       ctdb->address.port    = ctdb->nodes[i]->address.port;
        ctdb->name = talloc_asprintf(ctdb, "%s:%u", 
                                     ctdb->address.address, 
                                     ctdb->address.port);
@@ -363,7 +364,7 @@ int ctdb_tcp_listen(struct ctdb_context *ctdb)
 #endif
        sock.sin_port = htons(ctdb->address.port);
        sock.sin_family = PF_INET;
-       
+
        if (ctdb_tcp_get_address(ctdb, ctdb->address.address, 
                                 &sock.sin_addr) != 0) {
                goto failed;