From ff3018ab3d5c2838f7916c5fedf916f5ce119258 Mon Sep 17 00:00:00 2001 From: Garrett D'Amore Date: Mon, 7 Aug 2017 22:56:06 -0700 Subject: Don't clear the AIO provider data in finish. The finish routine can race against an asynchronous cancellation, so we must not clear the data pointer, or we can wind up with a NULL pointer dereference. --- src/core/aio.c | 1 - src/core/socket.c | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/src/core/aio.c b/src/core/aio.c index 273ce22e..3c85b78d 100644 --- a/src/core/aio.c +++ b/src/core/aio.c @@ -187,7 +187,6 @@ nni_aio_finish_impl( aio->a_result = result; aio->a_count = count; aio->a_prov_cancel = NULL; - aio->a_prov_data = NULL; if (pipe) { aio->a_pipe = pipe; } diff --git a/src/core/socket.c b/src/core/socket.c index 57f54008..e59f6042 100644 --- a/src/core/socket.c +++ b/src/core/socket.c @@ -614,7 +614,7 @@ nni_sock_ep_remove(nni_sock *sock, nni_ep *ep) // Note that if the ep is not on a list, then we assume that we have // exclusive access. Therefore the check for being active need not // be locked. - if ((sock == NULL) || (!nni_list_active(&sock->s_eps, ep))) { + if (!nni_list_node_active(&ep->ep_node)) { return; } -- cgit v1.2.3-70-g09d2