summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRiza Sulistyo <riza@teluu.com>2016-11-01 04:10:17 +0000
committerRiza Sulistyo <riza@teluu.com>2016-11-01 04:10:17 +0000
commitca2a5c2d6759dbe0cc2adbbb6283189a89d4819a (patch)
tree88c992bc1a26353ce4851b696b59df7218175fc0
parent5a30bbc8b89a334ab5e92f7355bacd307f2fa87f (diff)
Re #1974: Fix DNS write on freed memory.
Thanks to Richard Mudgett for the patch. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5477 74dad513-b988-da41-8d7b-12977e46ad98
Diffstat
-rw-r--r--pjlib-util/src/pjlib-util/resolver.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/pjlib-util/src/pjlib-util/resolver.c b/pjlib-util/src/pjlib-util/resolver.c
index cfca16ad..890f89d9 100644
--- a/pjlib-util/src/pjlib-util/resolver.c
+++ b/pjlib-util/src/pjlib-util/resolver.c
@@ -929,7 +929,13 @@ PJ_DEF(pj_status_t) pj_dns_resolver_start_query( pj_dns_resolver *resolver,
/* Must return PJ_SUCCESS */
status = PJ_SUCCESS;
- goto on_return;
+ /*
+ * We cannot write to *p_query after calling cb because what
+ * p_query points to may have been freed by cb.
+ * Refer to ticket #1974.
+ */
+ pj_mutex_unlock(resolver->mutex);
+ return status;
}
/* At this point, we have a cached entry, but this entry has expired.
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-20 17:02:16 +0000