Commit 774abe7b authored May 13, 2011 by Tom Marlin Committed by Xavier Ducrohet Jun 14, 2011

Cherry-pick 49f1857d from master. do not merge.

Fixed adb crash due to accessing freed memory

Reset peers to NULL after closing them down. This prevents
other code from attempting to access that freed memory
(which prevents crashes). Previously, it left pointers to
freed memory and the "if (s->peer)" guards could not block
the attempt to access that memory later. Resolves many
crashes seen while taking repeated screenshots on WinXP.

Change-Id: I2697ba09971f2e0b51ff5c5e89a6fa20ebafb2c4

parent fbcb1883

adb/sockets.c

+5 −2

Original line number	Diff line number	Diff line
		@@ -221,11 +221,13 @@ static void local_socket_close_locked(asocket *s)
		if(s->peer) {
		s->peer->peer = 0;
		// tweak to avoid deadlock
		if (s->peer->close == local_socket_close)
		if (s->peer->close == local_socket_close) {
		local_socket_close_locked(s->peer);
		else
		} else {
		s->peer->close(s->peer);
		}
		s->peer = 0;
		}

		/* If we are already closing, or if there are no
		** pending packets, destroy immediately
		@@ -756,6 +758,7 @@ static void smart_socket_close(asocket *s)
		if(s->peer) {
		s->peer->peer = 0;
		s->peer->close(s->peer);
		s->peer = 0;
		}
		free(s);
		}