e4bd7a4549
uloop_run() may finish without ever reaching request_done(), for example when the main loop is interrupted by a signal. In this case, uclient_disconnect() was never called, leaving a number of callbacks like timeout handlers registered in the uloop context. When the main loop was later resumed in a subsequent HTTP request without completely reinitializing the uloop context, these timeout handlers could still fire, even though the old uclient context had already been freed, resulting in a use-after-free. To avoid this, move the uclient_disconnect() call out of request_done() to ensure that it is always called before uclient_free(). |
||
---|---|---|
.. | ||
files | ||
src | ||
Makefile | ||
README.md | ||
manifest.sample |