diff options
| author | Aleksander Morgado <aleksander@aleksander.es> | 2017-10-05 23:19:22 +0200 |
|---|---|---|
| committer | Aleksander Morgado <aleksander@aleksander.es> | 2017-10-05 23:19:22 +0200 |
| commit | 48850f21b423deee3553f24df460e45c73d049cb (patch) | |
| tree | 761c13ddfde85af0d79df4c75ed020cb98d816c7 /src/mm-plugin-manager.c | |
| parent | 54b21292b1dee863075ed8074526676df2d836bf (diff) | |
port-serial: avoid invalid memory write on cancellation logic
If the GCancellable is already cancelled when trying to connect a
signal, the callback given will be run right away, and that may end up
completing the async task and removing the last MMPortSerial
reference.
==30627== Invalid write of size 8
==30627== at 0x1ED43B: port_serial_queue_process (mm-port-serial.c:812)
==30627== by 0x66DE342: ??? (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x66DD8C4: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x66DDC87: ??? (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x66DDFA1: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x143F9B: main (main.c:180)
==30627== Address 0xf6f0e98 is 200 bytes inside a block of size 328 free'd
==30627== at 0x4C2E14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==30627== by 0x64742B2: g_type_free_instance (in /usr/lib/libgobject-2.0.so.0.5200.3)
==30627== by 0x1ED0F2: port_serial_got_response (mm-port-serial.c:704)
==30627== by 0x1ED21B: port_serial_response_wait_cancelled (mm-port-serial.c:757)
==30627== by 0x60E1A81: g_cancellable_connect (in /usr/lib/libgio-2.0.so.0.5200.3)
==30627== by 0x1ED43A: port_serial_queue_process (mm-port-serial.c:812)
==30627== by 0x66DE342: ??? (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x66DD8C4: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x66DDC87: ??? (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x66DDFA1: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x143F9B: main (main.c:180)
==30627== Block was alloc'd at
==30627== at 0x4C2CE5F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==30627== by 0x66E3028: g_malloc (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x66FAB25: g_slice_alloc (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x66FAFB8: g_slice_alloc0 (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x6473FB5: g_type_create_instance (in /usr/lib/libgobject-2.0.so.0.5200.3)
==30627== by 0x6455027: ??? (in /usr/lib/libgobject-2.0.so.0.5200.3)
==30627== by 0x6456DBC: g_object_new_valist (in /usr/lib/libgobject-2.0.so.0.5200.3)
==30627== by 0x6457200: g_object_new (in /usr/lib/libgobject-2.0.so.0.5200.3)
==30627== by 0x1F253A: mm_port_serial_at_new (mm-port-serial-at.c:533)
==30627== by 0x1AC7E7: serial_open_at (mm-port-probe.c:1210)
==30627== by 0x66DD8C4: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.5200.3)
==30627== by 0x66DDC87: ??? (in /usr/lib/libglib-2.0.so.0.5200.3)
Diffstat (limited to 'src/mm-plugin-manager.c')
0 files changed, 0 insertions, 0 deletions