Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed adb crash due to accessing freed memory

Reset peers to NULL after closing them down. This prevents
other code from attempting to access that freed memory
(which prevents crashes). Previously, it left pointers to
freed memory and the "if (s->peer)" guards could not block
the attempt to access that memory later. Resolves many
crashes seen while taking repeated screenshots on WinXP.

Change-Id: I32553f4d19f6ddc9b05b6ab4dc1e9efe69e5be4f
  • Loading branch information...
commit 68dfac145720c41447d6cf892903431fd42cec10 1 parent 723054b
Tom Marlin authored tpruvot committed
Showing with 5 additions and 2 deletions.
  1. +5 −2 adb/sockets.c
View
7 adb/sockets.c
@@ -218,10 +218,12 @@ static void local_socket_close_locked(asocket *s)
if(s->peer) {
s->peer->peer = 0;
// tweak to avoid deadlock
- if (s->peer->close == local_socket_close)
+ if (s->peer->close == local_socket_close) {
local_socket_close_locked(s->peer);
- else
+ } else {
s->peer->close(s->peer);
+ }
+ s->peer = 0;
}
/* If we are already closing, or if there are no
@@ -753,6 +755,7 @@ static void smart_socket_close(asocket *s)
if(s->peer) {
s->peer->peer = 0;
s->peer->close(s->peer);
+ s->peer = 0;
}
free(s);
}
Please sign in to comment.
Something went wrong with that request. Please try again.