Bug 12673

Summary: [patch] fix possible crash in dbus_connection_send_with_reply
Product: dbus Reporter: Kimmo Hämäläinen <kimmo.hamalainen>
Component: coreAssignee: Havoc Pennington <hp>
Status: RESOLVED FIXED QA Contact: John (J5) Palmieri <johnp>
Severity: normal    
Priority: medium    
Version: unspecified   
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:
Attachments: proposed patch

Description Kimmo Hämäläinen 2007-10-04 05:05:51 UTC 
This crash would happen if NULL was passed as the pending_return argument and the connection was disconnected. I'll attach a patch.
Comment 1 Kimmo Hämäläinen 2007-10-04 05:06:40 UTC 
Created attachment 11897 [details] [review]
proposed patch
Comment 2 Havoc Pennington 2007-10-04 07:03:46 UTC 
Shouldn't it add an "if (pending_return)" instead of removing the assignment? (Was it already assigned to earlier in the code?)
Comment 3 Kimmo Hämäläinen 2007-10-04 23:22:14 UTC 
(In reply to comment #2)
> Shouldn't it add an "if (pending_return)" instead of removing the assignment?
> (Was it already assigned to earlier in the code?)

There is already a NULL assignment before that:

  if (pending_return)
    *pending_return = NULL;

  CONNECTION_LOCK (connection);

   if (!_dbus_connection_get_is_connected_unlocked (connection))
    {
      CONNECTION_UNLOCK (connection);

      *pending_return = NULL;

      return TRUE;
    }
Comment 4 John (J5) Palmieri 2008-01-15 12:24:48 UTC 
committed, thanks

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.