projects / ipfire-3.x.git / blame
| Commit | Line | Data |
|---|---|---|
| 7d288e76 MT |
1 | Fri Jun 4 10:54:04 2010 Jan Just Keijser <jan.just.keijser@gmail.com> |
| 2 | ||
| 3 | * pptp_ctrl.c: check for failure return by pptp_send_ctrl_packet | |
| 4 | and avoid using freed struct conn. | |
| 5 | ||
| 6 | --- a/pptp_ctrl.c 2010-06-15 15:05:46.743913798 +0100 | |
| 7 | +++ b/pptp_ctrl.c 2010-06-15 14:32:00.480100647 +0100 | |
| 8 | @@ -396,9 +400,10 @@ | |
| 9 | /* don't check state against WAIT_DISCONNECT... allow multiple disconnect | |
| 10 | * requests to be made. | |
| 11 | */ | |
| 12 | - pptp_send_ctrl_packet(conn, &rqst, sizeof(rqst)); | |
| 13 | - pptp_reset_timer(); | |
| 14 | - call->state.pns = PNS_WAIT_DISCONNECT; | |
| 15 | + if (pptp_send_ctrl_packet(conn, &rqst, sizeof(rqst))) { | |
| 16 | + pptp_reset_timer(); | |
| 17 | + call->state.pns = PNS_WAIT_DISCONNECT; | |
| 18 | + } | |
| 19 | /* call structure will be freed when we have confirmation of disconnect. */ | |
| 20 | } | |
| 21 | ||
| 22 | @@ -431,9 +436,10 @@ | |
| 23 | pptp_call_close(conn, vector_get_Nth(conn->call, i)); | |
| 24 | /* now close connection */ | |
| 25 | log("Closing PPTP connection"); | |
| 26 | - pptp_send_ctrl_packet(conn, &rqst, sizeof(rqst)); | |
| 27 | - pptp_reset_timer(); /* wait 60 seconds for reply */ | |
| 28 | - conn->conn_state = CONN_WAIT_STOP_REPLY; | |
| 29 | + if (pptp_send_ctrl_packet(conn, &rqst, sizeof(rqst))) { | |
| 30 | + pptp_reset_timer(); /* wait 60 seconds for reply */ | |
| 31 | + conn->conn_state = CONN_WAIT_STOP_REPLY; | |
| 32 | + } | |
| 33 | return; | |
| 34 | } | |
| 35 | ||
| 36 | @@ -733,8 +739,8 @@ | |
| 37 | reply.version = packet->version; | |
| 38 | /* protocol version not supported */ | |
| 39 | reply.result_code = hton8(5); | |
| 40 | - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); | |
| 41 | - pptp_reset_timer(); /* give sender a chance for a retry */ | |
| 42 | + if (pptp_send_ctrl_packet(conn, &reply, sizeof(reply))) | |
| 43 | + pptp_reset_timer(); /* give sender a chance for a retry */ | |
| 44 | } else { /* same or greater version */ | |
| 45 | if (pptp_send_ctrl_packet(conn, &reply, sizeof(reply))) { | |
| 46 | conn->conn_state = CONN_ESTABLISHED; | |
| 47 | @@ -841,8 +847,8 @@ | |
| 48 | hton8(1), hton8(PPTP_GENERAL_ERROR_NONE), 0 | |
| 49 | }; | |
| 50 | logecho( PPTP_ECHO_RQST); | |
| 51 | - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); | |
| 52 | - pptp_reset_timer(); | |
| 53 | + if (pptp_send_ctrl_packet(conn, &reply, sizeof(reply))) | |
| 54 | + pptp_reset_timer(); | |
| 55 | break; | |
| 56 | } | |
| 57 | /* ----------- OUTGOING CALL MESSAGES ------------ */ | |
| 58 | @@ -928,9 +935,10 @@ | |
| 59 | vector_search(conn->call, ntoh16(packet->call_id), &call); | |
| 60 | if (call->callback != NULL) | |
| 61 | call->callback(conn, call, CALL_CLOSE_RQST); | |
| 62 | - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); | |
| 63 | - pptp_call_destroy(conn, call); | |
| 64 | - log("Call closed (RQST) (call id %d)", (int) call->call_id); | |
| 65 | + if (pptp_send_ctrl_packet(conn, &reply, sizeof(reply))) { | |
| 66 | + pptp_call_destroy(conn, call); | |
| 67 | + log("Call closed (RQST) (call id %d)", (int) call->call_id); | |
| 68 | + } | |
| 69 | } | |
| 70 | break; | |
| 71 | } | |
| 72 | @@ -1067,8 +1075,9 @@ | |
| 73 | } else { /* ka_state == NONE */ /* send keep-alive */ | |
| 74 | struct pptp_echo_rqst rqst = { | |
| 75 | PPTP_HEADER_CTRL(PPTP_ECHO_RQST), hton32(global.conn->ka_id) }; | |
| 76 | - pptp_send_ctrl_packet(global.conn, &rqst, sizeof(rqst)); | |
| 77 | - global.conn->ka_state = KA_OUTSTANDING; | |
| 78 | + if (pptp_send_ctrl_packet(global.conn, &rqst, sizeof(rqst))) { | |
| 79 | + global.conn->ka_state = KA_OUTSTANDING; | |
| 80 | + } | |
| 81 | } | |
| 82 | /* check incoming/outgoing call states for !IDLE && !ESTABLISHED */ | |
| 83 | for (i = 0; i < vector_size(global.conn->call); i++) { |