From 90a1272cb740ba1132f5ed9b360f0a1fc2ea6216 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Fri, 25 Feb 2011 18:11:51 +0000 Subject: [PATCH 10/10] dbus_connection_dispatch: avoid freeing UnknownMethod reply until we unlock Bug: https://bugs.freedesktop.org/show_bug.cgi?id=34393 --- dbus/dbus-connection.c | 20 ++++++++++++++++---- 1 files changed, 16 insertions(+), 4 deletions(-) diff --git a/dbus/dbus-connection.c b/dbus/dbus-connection.c index d1f6ded..241c8f1 100644 --- a/dbus/dbus-connection.c +++ b/dbus/dbus-connection.c @@ -4737,10 +4737,11 @@ dbus_connection_dispatch (DBusConnection *connection) DBusMessage *reply; DBusString str; DBusPreallocatedSend *preallocated; + DBusList *expire_link; _dbus_verbose (" sending error %s\n", DBUS_ERROR_UNKNOWN_METHOD); - + if (!_dbus_string_init (&str)) { result = DBUS_HANDLER_RESULT_NEED_MEMORY; @@ -4771,11 +4772,22 @@ dbus_connection_dispatch (DBusConnection *connection) _dbus_verbose ("no memory for error reply in dispatch\n"); goto out; } - + + expire_link = _dbus_list_alloc_link (reply); + + if (expire_link == NULL) + { + dbus_message_unref (reply); + result = DBUS_HANDLER_RESULT_NEED_MEMORY; + _dbus_verbose ("no memory for error send in dispatch\n"); + goto out; + } + preallocated = _dbus_connection_preallocate_send_unlocked (connection); if (preallocated == NULL) { + _dbus_list_free_link (expire_link); /* It's OK that this is finalized, because it hasn't been seen by * anything that could attach user callbacks */ dbus_message_unref (reply); @@ -4786,9 +4798,9 @@ dbus_connection_dispatch (DBusConnection *connection) _dbus_connection_send_preallocated_unlocked_no_update (connection, preallocated, reply, NULL); + /* reply will be freed when we release the lock */ + _dbus_list_prepend_link (&connection->expired_messages, expire_link); - dbus_message_unref (reply); - result = DBUS_HANDLER_RESULT_HANDLED; } -- 1.7.4.1