daemon/http: fix memleak if http_write_pkt() fails
This can happen for example when we want to send an answer, but the http stream (or the connection?) is already closed.
Direct leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f5ad2445459 in __interceptor_malloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x55c0db3fc442 in http_write_pkt ../daemon/http.c:610
#2 0x55c0db3fc882 in http_write ../daemon/http.c:651
#3 0x55c0db3e9bb1 in qr_task_send ../daemon/worker.c:700
#4 0x55c0db3ee86c in qr_task_finalize ../daemon/worker.c:1321
#5 0x55c0db3f0123 in qr_task_step ../daemon/worker.c:1633
#6 0x55c0db3f0982 in worker_submit ../daemon/worker.c:1755
#7 0x55c0db3d992a in session_wirebuf_process ../daemon/session.c:759
#8 0x55c0db3c5f01 in udp_recv ../daemon/io.c:89
#9 0x7f5ad22b0e0e (/usr/lib/libuv.so.1+0x20e0e)Merge request reports
Activity
changed milestone to %5.3.1
added bug label
added 1 commit
- a3a6ba39 - daemon/http: fix memleak if http_write_pkt() fails
To avoid a double-free error, the http_write() must return an error if and only if the passed in on_write callback wasn't called. This makes the error handling very complex. I'm not 100 % sure I got it right (this is like my 5th version of trying to handle it...), so please triple-check the logic.
I initially found this error by using firefox as DoH client and querying various delays using the
$DELAY.delay.getdnsapi.netdomain. Values between 1000-10000 seemed to have triggered it.removed milestone %5.3.1
changed milestone to %5.3.2
requested review from @ljezek
added 20 commits
-
a3a6ba39...c8cb9740 - 19 commits from branch
master - 74133170 - daemon/http: fix memleak if http_write_pkt() fails
-
a3a6ba39...c8cb9740 - 19 commits from branch
added 4 commits
-
74133170...a264964d - 3 commits from branch
master - 52097127 - daemon/http: fix memleak if http_write_pkt() fails
-
74133170...a264964d - 3 commits from branch
mentioned in commit b6a62943