From: Ondřej Surý Date: Fri, 27 Oct 2023 08:16:13 +0000 (+0200) Subject: Call isccc_ccmsg_invalidate() when shutting down the connection X-Git-Tag: v9.19.18~15^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2d2c249958d3f983e77bdecaf4bfc4553dacad62;p=thirdparty%2Fbind9.git Call isccc_ccmsg_invalidate() when shutting down the connection Previously, the isccc_ccmsg_invalidate() was called from conn_free() and this could lead to netmgr calling control_recvmessage() after we detached the reading controlconnection_t reference, but it wouldn't be the last reference because controlconnection_t is also attached/detached when sending response or running command asynchronously. Instead, move the isccc_ccmsg_invalidate() call to control_recvmessage() error handling path to make sure that control_recvmessage() won't be ever called again from the netmgr. --- diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index 5dbc97106f3..3b8b3f5f2b4 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -407,9 +407,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, isccc_time_t exp; uint32_t nonce; - if (conn->shuttingdown) { - return; - } + INSIST(!conn->shuttingdown); /* Is the server shutting down? */ if (listener->controls->shuttingdown) { @@ -539,6 +537,9 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, return; cleanup: + /* Make sure no read callbacks are called again */ + isccc_ccmsg_invalidate(&conn->ccmsg); + conn->shuttingdown = true; REQUIRE(isc_tid() == 0); @@ -564,8 +565,6 @@ conn_free(controlconnection_t *conn) { } #endif /* ifdef ENABLE_AFL */ - isccc_ccmsg_invalidate(&conn->ccmsg); - isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_CONTROL, ISC_LOG_DEBUG(3), "freeing control connection");