prevent doubly freeing memory on invalid packet

author root <root@rhel5vm.(none)>

Thu, 5 Nov 2009 15:53:26 +0000 (16:53 +0100)

committer Ronnie Sahlberg <ronniesahlberg@gmail.com>

Fri, 6 Nov 2009 07:26:26 +0000 (18:26 +1100)
author root <root@rhel5vm.(none)>
Thu, 5 Nov 2009 15:53:26 +0000 (16:53 +0100)
committer Ronnie Sahlberg <ronniesahlberg@gmail.com>
Fri, 6 Nov 2009 07:26:26 +0000 (18:26 +1100)
diff --git a/tcp/tcp_io.c b/tcp/tcp_io.c

index 10711d1ea188422e8609a7d88cc13dd62c787be8..257446c8fc07ff8334846f3fe3682e54249a8b37 100644 (file)
--- a/tcp/tcp_io.c
+++ b/tcp/tcp_io.c
@@ -75,7 +75,15 @@ void ctdb_tcp_read_cb(uint8_t *data, size_t cnt, void *args)
         return;
  
  failed:
-       talloc_free(in);
+       /*
+        * removed the talloc_free(in) in order to prevent a double free on 'in'
+        * Questions: 
+        *  - Are we introducing a memory leak? I don't think so.
+        *  - Is there a destructor missing that removes this block from the queue
+        *    it was already added? Yes, I think this is missing.
+        *  - Why do we get such invalid packages? Hmm....
+        */
+       return;
  }
  
  /*
author	root <root@rhel5vm.(none)>
	Thu, 5 Nov 2009 15:53:26 +0000 (16:53 +0100)
committer	Ronnie Sahlberg <ronniesahlberg@gmail.com>
	Fri, 6 Nov 2009 07:26:26 +0000 (18:26 +1100)