From 4fb81107bfad2fe4cbea00cb87e1b6fbb92bd869 Mon Sep 17 00:00:00 2001
From: dimitri staessens
Date: Sun, 30 Oct 2016 22:33:17 +0100
Subject: ipcpd: Clean shutdown when bootstrap fails
Fixes a double free (conf->dif_name) and the handling of non-created threads when the bootstrap of an IPCP fails
---
 src/ipcpd/ipcp.c | 6 ++++--
 src/ipcpd/local/main.c | 18 ++++++++++++------
 src/ipcpd/shim-eth-llc/main.c | 24 ++++++++++++++----------
 src/ipcpd/shim-udp/main.c | 26 ++++++++++++++++----------
 4 files changed, 46 insertions(+), 28 deletions(-)
(limited to 'src/ipcpd')
diff --git a/src/ipcpd/ipcp.c b/src/ipcpd/ipcp.c
index 694db7cf..b7eff3fb 100644
--- a/src/ipcpd/ipcp.c
+++ b/src/ipcpd/ipcp.c
@@ -234,7 +234,8 @@ void * ipcp_main_loop(void * o)
 int fd = -1;
 pthread_rwlock_rdlock(&ipcpi.state_lock);
- if (ipcp_get_state() == IPCP_SHUTDOWN) {
+ if (ipcp_get_state() == IPCP_SHUTDOWN
+ || ipcp_get_state() == IPCP_NULL) {
 pthread_rwlock_unlock(&ipcpi.state_lock);
 break;
 }
@@ -281,7 +282,8 @@ void * ipcp_main_loop(void * o)
 if (conf_msg->ipcp_type == IPCP_NORMAL) {
 conf.addr_size = conf_msg->addr_size;
 conf.cep_id_size = conf_msg->cep_id_size;
- conf.pdu_length_size = conf_msg->pdu_length_size;
+ conf.pdu_length_size =
+ conf_msg->pdu_length_size;
 conf.qos_id_size = conf_msg->qos_id_size;
 conf.seqno_size = conf_msg->seqno_size;
 conf.has_ttl = conf_msg->has_ttl;
diff --git a/src/ipcpd/local/main.c b/src/ipcpd/local/main.c
index 412795ec..643d088d 100644
--- a/src/ipcpd/local/main.c
+++ b/src/ipcpd/local/main.c
@@ -140,7 +140,11 @@ void ipcp_sig_handler(int sig, siginfo_t * info, void * c)
 pthread_rwlock_wrlock(&ipcpi.state_lock);
- ipcp_set_state(IPCP_SHUTDOWN);
+ if (ipcp_get_state() == IPCP_INIT)
+ ipcp_set_state(IPCP_NULL);
+
+ if (ipcp_get_state() == IPCP_ENROLLED)
+ ipcp_set_state(IPCP_SHUTDOWN);
 pthread_rwlock_unlock(&ipcpi.state_lock);
 }
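Review bot: The new exit condition in the `@@ -234,7 +234,8 @@` hunk of src/ipcpd/ipcp.c has no comment saying what IPCP_NULL means for ipcp_main_loop, and nothing in this file's hunks explains it. Judging from the signal-handler hunks in this commit, IPCP_NULL appears to be the state set when shutdown is requested while the IPCP is still in IPCP_INIT, i.e. before bootstrap completed. A one-line comment above the check would record that, for example `/* IPCP_NULL: shutdown requested before bootstrap completed */`. The loop body starts and ends outside the hunk.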
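Review bot: In the ipcp_sig_handler hunk of src/ipcpd/local/main.c, a shutdown signal that arrives in any state other than IPCP_INIT or IPCP_ENROLLED now leaves the state unchanged, so the request is dropped silently and, as far as the ipcp.c hunk shows, ipcp_main_loop keeps running. Whether other states exist is not visible here; if they do, the fall-through should be handled or at least commented. The two tests are meant to be exclusive, which `else if (ipcp_get_state() == IPCP_ENROLLED)` would state directly instead of relying on IPCP_NULL not matching the second test. Separately, the handler does this work under pthread_rwlock_wrlock, which is not async-signal-safe if this runs as an ordinary sigaction handler: a signal delivered to a thread that already holds ipcpi.state_lock would deadlock. The same block is repeated in the shim-eth-llc and shim-udp handlers.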
@@ -154,9 +158,6 @@ static int ipcp_local_bootstrap(struct dif_config * conf) assert(conf); assert(conf->type == THIS_TYPE); - /* this IPCP doesn't need to maintain its dif_name */ - free(conf->dif_name); - pthread_rwlock_wrlock(&ipcpi.state_lock); if (ipcp_get_state() != IPCP_INIT) { @@ -165,6 +166,9 @@ static int ipcp_local_bootstrap(struct dif_config * conf) return -1; } + /* this IPCP doesn't need to maintain its dif_name */ + free(conf->dif_name); + ipcp_set_state(IPCP_ENROLLED); pthread_create(&local_data.sduloop, NULL, ipcp_local_sdu_loop, NULL); @@ -382,8 +386,10 @@ int main(int argc, char * argv[]) ipcp_fini(); - pthread_cancel(local_data.sduloop); - pthread_join(local_data.sduloop, NULL); + if (ipcp_get_state() == IPCP_SHUTDOWN) { + pthread_cancel(local_data.sduloop); + pthread_join(local_data.sduloop, NULL); + } local_data_fini(); diff --git a/src/ipcpd/shim-eth-llc/main.c b/src/ipcpd/shim-eth-llc/main.c index b7b9f783..6dcd07ef 100644 --- a/src/ipcpd/shim-eth-llc/main.c +++ b/src/ipcpd/shim-eth-llc/main.c @@ -673,7 +673,11 @@ void ipcp_sig_handler(int sig, siginfo_t * info, void * c) pthread_rwlock_wrlock(&ipcpi.state_lock); - ipcp_set_state(IPCP_SHUTDOWN); + if (ipcp_get_state() == IPCP_INIT) + ipcp_set_state(IPCP_NULL); + + if (ipcp_get_state() == IPCP_ENROLLED) + ipcp_set_state(IPCP_SHUTDOWN); pthread_rwlock_unlock(&ipcpi.state_lock); } @@ -702,9 +706,6 @@ static int eth_llc_ipcp_bootstrap(struct dif_config * conf) assert(conf); assert(conf->type == THIS_TYPE); - /* this IPCP doesn't need to maintain its dif_name */ - free(conf->dif_name); - if (conf->if_name == NULL) { LOG_ERR("Interface name is NULL."); return -1; @@ -831,7 +832,6 @@ static int eth_llc_ipcp_bootstrap(struct dif_config * conf) if (ipcp_get_state() != IPCP_INIT) { pthread_rwlock_unlock(&ipcpi.state_lock); LOG_ERR("IPCP in wrong state."); - close(skfd); return -1; } 
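Review bot: After the relocated `free(conf->dif_name);` in ipcp_local_bootstrap (hunk `@@ -165,6 +166,9 @@`), conf->dif_name still holds the freed address, so the double free this commit removes on the failure path can recur on the success path if the caller later releases the config. The caller is not visible in this hunk, so that is a possibility rather than a confirmed bug. Adding `conf->dif_name = NULL;` directly after the free makes a second free harmless and turns a stale read into an immediate fault instead of a use-after-free. The same applies to the relocated frees in eth_llc_ipcp_bootstrap and ipcp_udp_bootstrap. The function body continues outside the hunk.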
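Review bot: The guard `if (ipcp_get_state() == IPCP_SHUTDOWN)` in main (hunk `@@ -382,8 +386,10 @@`) treats the IPCP state as proof that local_data.sduloop was created, but ipcp_local_bootstrap sets IPCP_ENROLLED before calling pthread_create and ignores its return value (context lines of the `@@ -165,6 +166,9 @@` hunk). If thread creation fails, a later shutdown still reaches pthread_cancel and pthread_join with a pthread_t that was never initialised, which is undefined behaviour. Checking the result, `if (pthread_create(&local_data.sduloop, NULL, ipcp_local_sdu_loop, NULL) != 0)`, and failing the bootstrap before the state changes and before dif_name is freed would make the guard reliable. The shim-eth-llc and shim-udp main hunks use the same guard; their thread creation is not visible here. main starts and ends outside the hunk.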
@@ -855,6 +855,9 @@ static int eth_llc_ipcp_bootstrap(struct dif_config * conf) pthread_rwlock_unlock(&ipcpi.state_lock); + /* this IPCP doesn't need to maintain its dif_name */ + free(conf->dif_name); + LOG_DBG("Bootstrapped shim IPCP over Ethernet with LLC with api %d.", getpid()); @@ -1135,11 +1138,12 @@ int main(int argc, char * argv[]) ipcp_fini(); - pthread_cancel(eth_llc_data.sdu_reader); - pthread_cancel(eth_llc_data.sdu_writer); - - pthread_join(eth_llc_data.sdu_writer, NULL); - pthread_join(eth_llc_data.sdu_reader, NULL); + if (ipcp_get_state() == IPCP_SHUTDOWN) { + pthread_cancel(eth_llc_data.sdu_reader); + pthread_cancel(eth_llc_data.sdu_writer); + pthread_join(eth_llc_data.sdu_writer, NULL); + pthread_join(eth_llc_data.sdu_reader, NULL); + } eth_llc_data_fini(); diff --git a/src/ipcpd/shim-udp/main.c b/src/ipcpd/shim-udp/main.c index c90b47a2..159176ea 100644 --- a/src/ipcpd/shim-udp/main.c +++ b/src/ipcpd/shim-udp/main.c @@ -519,7 +519,11 @@ void ipcp_sig_handler(int sig, siginfo_t * info, void * c) if (info->si_pid == irmd_api) { pthread_rwlock_wrlock(&ipcpi.state_lock); - ipcp_set_state(IPCP_SHUTDOWN); + if (ipcp_get_state() == IPCP_INIT) + ipcp_set_state(IPCP_NULL); + + if (ipcp_get_state() == IPCP_ENROLLED) + ipcp_set_state(IPCP_SHUTDOWN); pthread_rwlock_unlock(&ipcpi.state_lock); } @@ -539,9 +543,6 @@ static int ipcp_udp_bootstrap(struct dif_config * conf) assert(conf); assert(conf->type == THIS_TYPE); - /* this IPCP doesn't need to maintain its dif_name */ - free(conf->dif_name); - if (inet_ntop(AF_INET, &conf->ip_addr, ipstr, @@ -624,6 +625,9 @@ static int ipcp_udp_bootstrap(struct dif_config * conf) pthread_rwlock_unlock(&ipcpi.state_lock); + /* this IPCP doesn't need to maintain its dif_name */ + free(conf->dif_name); + LOG_DBG("Bootstrapped shim IPCP over UDP with api %d.", getpid()); LOG_DBG("Bound to IP address %s.", ipstr); LOG_DBG("DNS server address is %s.", dnsstr); 
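Review bot: The new `ipcp_get_state() == IPCP_SHUTDOWN` test in main of src/ipcpd/shim-eth-llc/main.c reads the state without holding ipcpi.state_lock, while every other read in this commit (ipcp_main_loop, ipcp_sig_handler, the bootstrap functions) is made under that lock. Whether ipcp_get_state locks internally, or whether ipcp_fini() on the preceding line has already torn the lock down, cannot be seen from the hunk. If neither holds, the signal handler can write the state while main reads it; reading the state under `pthread_rwlock_rdlock(&ipcpi.state_lock);` into a local before ipcp_fini() and testing that local would avoid the race. The local and shim-udp main hunks have the same unlocked read.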
@@ -1197,13 +1201,15 @@ int main(int argc, char * argv[]) ipcp_fini(); - pthread_cancel(udp_data.handler); - pthread_cancel(udp_data.sdu_reader); - pthread_cancel(udp_data.sduloop); - pthread_join(udp_data.sduloop, NULL); - pthread_join(udp_data.handler, NULL); - pthread_join(udp_data.sdu_reader, NULL); + if (ipcp_get_state() == IPCP_SHUTDOWN) { + pthread_cancel(udp_data.handler); + pthread_cancel(udp_data.sdu_reader); + pthread_cancel(udp_data.sduloop); + pthread_join(udp_data.sduloop, NULL); + pthread_join(udp_data.handler, NULL); + pthread_join(udp_data.sdu_reader, NULL); + } udp_data_fini(); -- cgit v1.2.3