> <malcolm.macleod@tshwanedje.com> wrote:
> > The crash seems to occur because CC_send_query_append takes a
> > local copy of the pointer 'self->sock' at the top of the function,
> > 'self' is then passed around to various functions (some of which have
> > the side effect of setting self->sock to NULL (and deleting) if there is
> > a lost connection) and then the local copy of the pointer (which is now
> > dangling) is dereferenced lower down in the function.
> > Essentially if there is a disconnect while CC_send_query_append is
> > running there is a risk of crash.
> Looking at the code, I am seeing that the problem is related to
> CC_on_abort where conn->sock is set to NULL when the connection is
> considered as dead. And I am indeed seeing two code paths (when
> sending the 'C' message there is an ABORT check and in cleanup
> section) that could use this NULL socket afterwards. Your patch is
> perhaps a bit too much. So I am proposing the attached patch instead.
> Let me know if this fixes your issue as well.
Thanks for the fast response!
Your proposed patch would also fix the issue, so I have no problem with
it being used instead.
I guess from my side I just don't personally understand the point of
keeping the local pointer copy at all (it just seems like an invitation
for this sort of thing to occur) - so it made more sense to me to remove
it entirely to prevent future occurrences of similar issues - although I
suppose also the less code disturbed the better. I am not overly
familiar with the code so can't say what is best.
Thanks,
Malcolm
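As an added illustration of the bug pattern the thread describes (this is constructed example code, not psqlodbc's source or either poster's patch; the struct and function names only mirror the ones mentioned above and are assumptions): a helper that, on a lost connection, frees the socket and sets conn->sock to NULL the way CC_on_abort does, beside a caller that keeps a stale local copy of the pointer and a caller that re-reads and NULL-checks conn->sock after each helper call. The unsafe variant reports CONN_WOULD_CRASH instead of actually dereferencing freed memory, so the model can be run safely.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for the driver's socket and connection objects. */
typedef struct {
    int fd;
    int lost;       /* constructed flag: 1 means the peer has gone away */
} SocketClass;

typedef struct {
    SocketClass *sock;
    int aborted;    /* set once the connection is considered dead */
} ConnectionClass;

enum { CONN_OK = 0, CONN_LOST = 1, CONN_WOULD_CRASH = 2 };

/* Models CC_on_abort: the connection is dead, the socket is deleted and
 * conn->sock is set to NULL. Any earlier copy of that pointer is now dangling. */
void model_on_abort(ConnectionClass *conn)
{
    conn->aborted = 1;
    free(conn->sock);
    conn->sock = NULL;
}

/* Models a helper that CC_send_query_append passes 'self' to. As a side
 * effect it may detect a lost connection and abort it. */
int model_send_message(ConnectionClass *conn, char tag)
{
    (void)tag;
    if (conn->sock == NULL)
        return -1;
    if (conn->sock->lost) {
        model_on_abort(conn);   /* frees conn->sock behind the caller's back */
        return -1;
    }
    return 0;
}

/* The shape reported in the thread: a local copy of self->sock taken at the
 * top, then used again after helpers that may have freed it. */
int send_query_unsafe(ConnectionClass *self)
{
    SocketClass *sock = self->sock;   /* local copy */
    if (sock == NULL)
        return CONN_LOST;

    model_send_message(self, 'Q');

    /* Cleanup: the real code would touch sock->fd here. If the connection
     * was aborted above, sock points at freed memory. We report that instead
     * of dereferencing it. */
    if (self->aborted)
        return CONN_WOULD_CRASH;
    return sock->fd >= 0 ? CONN_OK : CONN_LOST;
}

/* Fixed shape: never trust a cached copy across calls that take 'self';
 * re-read self->sock and check for NULL before each later use. */
int send_query_safe(ConnectionClass *self)
{
    if (self->sock == NULL)
        return CONN_LOST;

    model_send_message(self, 'Q');

    if (self->sock == NULL)           /* aborted during the send */
        return CONN_LOST;
    return self->sock->fd >= 0 ? CONN_OK : CONN_LOST;
}

/* Constructed test fixture: a connection whose socket is live or already lost. */
ConnectionClass *make_conn(int lost)
{
    ConnectionClass *conn = calloc(1, sizeof *conn);
    conn->sock = calloc(1, sizeof *conn->sock);
    conn->sock->fd = 3;
    conn->sock->lost = lost;
    return conn;
}

int main(void)
{
    printf("unsafe, lost connection: %d (2 = would crash)\n",
           send_query_unsafe(make_conn(1)));
    printf("safe,   lost connection: %d (1 = reported as lost)\n",
           send_query_safe(make_conn(1)));
    printf("safe,   live connection: %d (0 = ok)\n",
           send_query_safe(make_conn(0)));
    return 0;
}
```

The safe variant is the minimal version of the fix discussed in the thread: the cached pointer is dropped, and every use after a call that receives `self` goes through a fresh, NULL-checked read of `self->sock`.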