From: Christos Tsantilas Date: Fri, 22 May 2015 17:21:48 +0000 (+0300) Subject: Fix segmentation fault inside Adaptation::Icap::Xaction::swanSong X-Git-Tag: merge-candidate-3-v1~106 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5c720aa079419876c2700ecdbcfa49d3e85ad1d4;p=thirdparty%2Fsquid.git Fix segmentation fault inside Adaptation::Icap::Xaction::swanSong The Adaptation::Icap::Xaction::swanSong may try to use an invalid Icap::Xaction::cs object (Comm::ConnOpener object) if the Comm::ConnOpener is already gone (because its job finished) but the Xaction::noteCommConnected method is not called yet. This patch makes the Adaptation::Icap::Xaction::cs object a CbcPointer instead of a raw pointer and checks if the Xaction::cs object is still valid before using it. This is a Measurement Factory project --- diff --git a/src/adaptation/icap/Xaction.cc b/src/adaptation/icap/Xaction.cc index 8449d17bca..3c9738a73e 100644 --- a/src/adaptation/icap/Xaction.cc +++ b/src/adaptation/icap/Xaction.cc @@ -217,7 +217,7 @@ Adaptation::Icap::Xaction::dnsLookupDone(const ipcache_addrs *ia) connector = JobCallback(93,3, ConnectDialer, this, Adaptation::Icap::Xaction::noteCommConnected); cs = new Comm::ConnOpener(connection, connector, TheConfig.connect_timeout(service().cfg().bypass)); cs->setHost(s.cfg().host.termedBuf()); - AsyncJob::Start(cs); + AsyncJob::Start(cs.get()); } /* @@ -590,7 +590,7 @@ void Adaptation::Icap::Xaction::setOutcome(const Adaptation::Icap::XactOutcome & void Adaptation::Icap::Xaction::swanSong() { // kids should sing first and then call the parent method. - if (cs) { + if (cs.valid()) { debugs(93,6, HERE << id << " about to notify ConnOpener!"); CallJobHere(93, 3, cs, Comm::ConnOpener, noteAbort); cs = NULL; diff --git a/src/adaptation/icap/Xaction.h b/src/adaptation/icap/Xaction.h index 70092f2cfd..3d37c439fb 100644 --- a/src/adaptation/icap/Xaction.h +++ b/src/adaptation/icap/Xaction.h @@ -12,6 +12,7 @@ #include "AccessLogEntry.h" #include "adaptation/icap/ServiceRep.h" #include "adaptation/Initiate.h" +#include "comm/ConnOpener.h" #include "comm/forward.h" #include "CommCalls.h" #include "HttpReply.h" @@ -156,7 +157,7 @@ protected: timeval icap_tio_finish; /*time when the last byte of the ICAP responsewas received*/ private: - Comm::ConnOpener *cs; + Comm::ConnOpener::Pointer cs; AsyncCall::Pointer securer; ///< whether we are securing a connection };