sftp_readdir_async(): don't access request when it may have been freed
Fixes: #7
This commit is contained in:
Nikolaus Rath
parent
6f6491cd13
commit
82766d1093
|
|
@ -1,3 +1,9 @@
|
|||
Unreleased Changes
|
||||
------------------
|
||||
|
||||
* Fixed a crash due to a race condition when listing
|
||||
directory contents.
|
||||
|
||||
Release 3.0.0 (2017-07-08)
|
||||
--------------------------
|
||||
|
||||
|
|
|
|||
7
sshfs.c
7
sshfs.c
|
|
@ -2073,11 +2073,16 @@ static int sftp_readdir_async(struct buffer *handle, void *buf, off_t offset,
|
|||
outstanding--;
|
||||
|
||||
if (done) {
|
||||
/* We need to cache want_reply, since processing
|
||||
thread may free req right after unlock() if
|
||||
want_reply == 0 */
|
||||
int want_reply;
|
||||
pthread_mutex_lock(&sshfs.lock);
|
||||
if (sshfs_req_pending(req))
|
||||
req->want_reply = 0;
|
||||
want_reply = req->want_reply;
|
||||
pthread_mutex_unlock(&sshfs.lock);
|
||||
if (!req->want_reply)
|
||||
if (!want_reply)
|
||||
continue;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue