From 8fbb6dbbbb73dc0761ad6b3b5bcf1d1dc36ceef1 Mon Sep 17 00:00:00 2001 From: Prince Kumar Dubey Date: Mon, 11 Jul 2016 22:29:04 +0900 Subject: [PATCH] If there is situation when server is closed prior to client, the client pointer pointing to server must be reset and check must be there during client deletion Summary: During mobile product testing, we got a crash with callstack which suggest server is getting deleted prior to client. On valgrind analysis we found invalid write operation with same callstack. callstack is pasted in comment section. Test Plan: create a situation where server got deleted prior to client. Reviewers: raster, cedric Subscribers: govi, rajeshps, jpeg Differential Revision: https://phab.enlightenment.org/D4152 --- src/lib/ecore_ipc/ecore_ipc.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/lib/ecore_ipc/ecore_ipc.c b/src/lib/ecore_ipc/ecore_ipc.c index 56de0ab43b..219c9503b6 100644 --- a/src/lib/ecore_ipc/ecore_ipc.c +++ b/src/lib/ecore_ipc/ecore_ipc.c @@ -461,7 +461,10 @@ ecore_ipc_server_del(Ecore_Ipc_Server *svr) Ecore_Ipc_Client *cl; EINA_LIST_FREE(svr->clients, cl) - ecore_ipc_client_del(cl); + { + cl->svr = NULL; + ecore_ipc_client_del(cl); + } if (svr->server) ecore_con_server_del(svr->server); servers = eina_list_remove(servers, svr); @@ -875,7 +878,8 @@ ecore_ipc_client_del(Ecore_Ipc_Client *cl) { svr = cl->svr; if (cl->client) ecore_con_client_del(cl->client); - svr->clients = eina_list_remove(svr->clients, cl); + if (ECORE_MAGIC_CHECK(svr, ECORE_MAGIC_IPC_SERVER)) + svr->clients = eina_list_remove(svr->clients, cl); if (cl->buf) free(cl->buf); ECORE_MAGIC_SET(cl, ECORE_MAGIC_NONE); free(cl);