# HG changeset patch # User Olaf Wintermann # Date 1761753096 -3600 # Node ID 7a0a364a1d678e04043d99045fe02c1036ef5875 # Parent 1ffc6fce045df527d8af31da5e0877b74d5f74a2 fix user-after-free in case evt_add_request/ev_pollin fails diff -r 1ffc6fce045d -r 7a0a364a1d67 configure --- a/configure Sun Oct 26 15:31:50 2025 +0100 +++ b/configure Wed Oct 29 16:51:36 2025 +0100 @@ -151,9 +151,8 @@ # custom variables if true \ ; then - HOST=`uname -n` - PREFIX="`pwd`/work" - INSTALL_DIR="$PREFIX" + host=`uname -n` + prefix="`pwd`/work" fi # features @@ -536,6 +535,19 @@ done break done +while true +do + while true + do + + cat >> "$TEMP_DIR/make.mk" << __EOF__ +HOST = $host +INSTALL_DIR = $prefix +__EOF__ + break + done + break +done # build type if [ "$BUILD_TYPE" = "debug" ]; then diff -r 1ffc6fce045d -r 7a0a364a1d67 make/project.xml --- a/make/project.xml Sun Oct 26 15:31:50 2025 +0100 +++ b/make/project.xml Wed Oct 29 16:51:36 2025 +0100 @@ -2,9 +2,8 @@ - uname -n - `pwd`/work - $PREFIX + uname -n + `pwd`/work @@ -79,6 +78,11 @@ APP_EXT = + + + HOST = $host + INSTALL_DIR = $prefix + diff -r 1ffc6fce045d -r 7a0a364a1d67 src/server/daemon/sessionhandler.c --- a/src/server/daemon/sessionhandler.c Sun Oct 26 15:31:50 2025 +0100 +++ b/src/server/daemon/sessionhandler.c Wed Oct 29 16:51:36 2025 +0100 @@ -246,7 +246,7 @@ if(ev_pollin(h, conn->fd, io->io_event) != 0) { // TODO: ev_pollin should log, intercept some errors here log_ereport(LOG_FAILURE, "Cannot enqueue connection"); - evt_request_error(h, event); + event->finish = evt_request_error; } else { // add request timeout io->watch.intdata = 1; @@ -579,7 +579,7 @@ http_parser_free(parser); free(io); - free(event); + free(event); // TODO: is this safe?? log_ereport(LOG_DEBUG, "trace reqid: %016llx free event", (unsigned long long int)reqid); return 0;