From 2b6f360a5087f076d7ca4330d17bae38e40dc004 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 21 Sep 2013 02:59:24 +0200 Subject: [PATCH] librpc/rpc/binding_handle.c deadlock... --- librpc/rpc/binding_handle.c | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/librpc/rpc/binding_handle.c b/librpc/rpc/binding_handle.c index 779180174f20..4f83bb7dc4ec 100644 --- a/librpc/rpc/binding_handle.c +++ b/librpc/rpc/binding_handle.c @@ -473,6 +473,7 @@ struct dcerpc_binding_handle_call_params_state { static void dcerpc_binding_handle_call_params_in_done(struct tevent_req *subreq); static void dcerpc_binding_handle_call_params_next_pipe(struct tevent_req *req); static void dcerpc_binding_handle_call_params_done(struct tevent_req *subreq); +static void dcerpc_binding_handle_call_params_response(struct tevent_req *req); static void dcerpc_binding_handle_call_params_pipe_setup(struct tevent_req *call_req); static void dcerpc_binding_handle_call_params_pipe_notify(struct dcerpc_pipe_handle *p); @@ -594,6 +595,7 @@ struct tevent_req *dcerpc_binding_handle_call_params_send(TALLOC_CTX *mem_ctx, } if (state->in_flags & LIBNDR_FLAG_INCOMPLETE_BUFFER) { + tevent_req_defer_callback(req, ev); dcerpc_binding_handle_call_params_pipe_setup(req); if (!tevent_req_is_in_progress(req)) { return tevent_req_post(req, ev); @@ -731,6 +733,16 @@ static void dcerpc_binding_handle_call_params_next_pipe(struct tevent_req *req) return; } state->out_pipe_idx = UINT32_MAX; + + if (state->pull == NULL) { + return; + } + + if (state->pull->flags & LIBNDR_FLAG_INCOMPLETE_BUFFER) { + return; + } + + dcerpc_binding_handle_call_params_response(req); } static void dcerpc_binding_handle_call_params_done(struct tevent_req *subreq) @@ -809,6 +821,18 @@ static void dcerpc_binding_handle_call_params_done(struct tevent_req *subreq) return; } + dcerpc_binding_handle_call_params_response(req); +} + +static void dcerpc_binding_handle_call_params_response(struct tevent_req *req) +{ + struct dcerpc_binding_handle_call_params_state *state = + tevent_req_data(req, + struct dcerpc_binding_handle_call_params_state); + struct dcerpc_binding_handle *h = state->h; + NTSTATUS error; + enum ndr_err_code ndr_err; + state->pull->current_mem_ctx = state->params->r_mem; /* pull the structure from the blob */ @@ -906,6 +930,8 @@ static struct tevent_req *dcerpc_binding_handle_call_params_push_send(TALLOC_CTX state->ev = ev; state->p = p; + tevent_req_defer_callback(req, state->ev); + talloc_set_destructor(state, dcerpc_binding_handle_call_params_push_state_destructor); @@ -1013,7 +1039,6 @@ static void dcerpc_binding_handle_call_params_push_done(struct tevent_req *subre return; } - tevent_req_defer_callback(req, state->ev); tevent_req_done(req); dcerpc_binding_handle_call_params_next_pipe(pp->call_req); } @@ -1072,6 +1097,8 @@ static struct tevent_req *dcerpc_binding_handle_call_params_pull_send(TALLOC_CTX state->chunk_mem = chunk_mem; state->chunk_ptr = chunk_ptr; + tevent_req_defer_callback(req, state->ev); + dcerpc_binding_handle_call_params_pull_notify(req); if (!tevent_req_is_in_progress(req)) { return tevent_req_post(req, ev); @@ -1165,7 +1192,6 @@ static void dcerpc_binding_handle_call_params_pull_notify(struct tevent_req *req return; } - tevent_req_defer_callback(req, state->ev); tevent_req_done(req); dcerpc_binding_handle_call_params_next_pipe(pp->call_req); -- 2.34.1