From 824dfacd081a08b1cbb4222a7defa2b5c32e0b24 Mon Sep 17 00:00:00 2001
From: zhanghongyu
Date: Fri, 18 Oct 2024 21:15:27 +0800
Subject: [PATCH] net/local: fix used after free

now the lc_path of the client will not be the same as that of the server. therefore, accept->peer = NULL will not be set when the client release the conn, then when release accept conn, set client->peer(accept->peer->peer) = NULL will cause used after free

Signed-off-by: zhanghongyu
---
 net/local/local_conn.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/local/local_conn.c b/net/local/local_conn.c
index f6fcd8294d..165dc12a3f 100644
--- a/net/local/local_conn.c
+++ b/net/local/local_conn.c
@@ -299,7 +299,7 @@ void local_free(FAR struct local_conn_s *conn)
 dq_rem(&conn->lc_conn.node, &g_local_connections);
- if (local_peerconn(conn) && conn->lc_peer)
+ if (conn->lc_peer)
 {
 conn->lc_peer->lc_peer = NULL;
 conn->lc_peer = NULL;
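Review bot: The block under `if (conn->lc_peer)` now depends entirely on an unstated invariant: the two ends always point at each other, and whichever end is freed first clears the survivor's `lc_peer`. Nothing in the hunk records or checks this. A short comment above the condition, for example `/* Always unlink both ends; a stale lc_peer left on the survivor would be dereferenced after this conn is freed */`, would keep a later change from re-adding a lookup-based guard and reopening the use-after-free. If the link is meant to be strictly symmetric, `DEBUGASSERT(conn->lc_peer->lc_peer == conn);` before the first store would catch an asymmetric pairing in debug builds, instead of silently clearing a pointer that belongs to another connection. Whether the caller holds the network lock across these two stores cannot be confirmed here, because local_free's body starts and ends outside the hunk.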