From 56ac82056a4f7bcdb71984a320fb35cfa4ea6d4a Mon Sep 17 00:00:00 2001 From: Stefan Sperling Date: Fri, 9 Nov 2018 14:56:56 +0100 Subject: return error code from xua_srv_conn_cb() if conn is freed Allow callers of xua_srv_conn_cb() to tell whether conn was freed by returning error code EBADF, which is also used elsewhere in osmocom programs for this purpose. This is necessary because xua_srv_conn_cb() might be running inside of a loop which checks for read and then write events on the connection. If the connection is freed by xua_srv_conn_cb() as part of processing a read event, callers should avoid further processing of events. But if we don't return an error we are leaving callers none the wiser and with a dangling conn pointer. Change-Id: I7359667b2f25d6c45acc70049b2a4ee2f376a1df Related: OS#3685 --- src/osmo_ss7.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/osmo_ss7.c b/src/osmo_ss7.c index 9805b3b..f97876c 100644 --- a/src/osmo_ss7.c +++ b/src/osmo_ss7.c @@ -1424,9 +1424,11 @@ static int xua_srv_conn_cb(struct osmo_stream_srv *conn) __func__, rc, flags); if (rc < 0) { osmo_stream_srv_destroy(conn); + rc = -EBADF; goto out; } else if (rc == 0) { osmo_stream_srv_destroy(conn); + rc = -EBADF; goto out; } else { msgb_put(msg, rc); @@ -1440,16 +1442,18 @@ static int xua_srv_conn_cb(struct osmo_stream_srv *conn) switch (notif->sn_header.sn_type) { case SCTP_SHUTDOWN_EVENT: osmo_stream_srv_destroy(conn); + rc = -EBADF; break; case SCTP_ASSOC_CHANGE: if (notif->sn_assoc_change.sac_state == SCTP_RESTART) xua_asp_send_xlm_prim_simple(asp, OSMO_XLM_PRIM_M_SCTP_RESTART, PRIM_OP_INDICATION); + rc = 0; break; default: + rc = 0; break; } - rc = 0; goto out; } -- cgit v1.2.3