Permalink
Browse files

Fix threaded query's result handle access rights (#567)

Plugins were able to close the results handle in the threaded query
callback causing a double free crash. The access rights are setup right
before the handle is created, but weren't used.
1 parent 9eae3c7 commit 0178c20f5053570c2ae2a9a68134a2f8d44f0d89 @peace-maker peace-maker committed with KyleSanderson Dec 12, 2016
Showing with 1 addition and 4 deletions.
  1. +1 −4 core/logic/smn_database.cpp
@@ -249,17 +249,14 @@ class TQueryOp : public IDBThreadOperation
{
/* Create a Handle for our query */
HandleSecurity sec(me->GetIdentity(), g_pCoreIdent);
- HandleAccess access;
- handlesys->InitAccessDefaults(NULL, &access);
- access.access[HandleAccess_Delete] = HANDLE_RESTRICT_IDENTITY|HANDLE_RESTRICT_OWNER;
Handle_t qh = BAD_HANDLE;
if (m_pQuery)
{
CombinedQuery *c = new CombinedQuery(m_pQuery, m_pDatabase);
- qh = handlesys->CreateHandle(hCombinedQueryType, c, me->GetIdentity(), g_pCoreIdent, NULL);
+ qh = CreateLocalHandle(hCombinedQueryType, c, &sec);
if (qh != BAD_HANDLE)
{
m_pQuery = NULL;

0 comments on commit 0178c20

Please sign in to comment.