From 2d2c249958d3f983e77bdecaf4bfc4553dacad62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Fri, 27 Oct 2023 10:16:13 +0200 Subject: [PATCH] Call isccc_ccmsg_invalidate() when shutting down the connection Previously, the isccc_ccmsg_invalidate() was called from conn_free() and this could lead to netmgr calling control_recvmessage() after we detached the reading controlconnection_t reference, but it wouldn't be the last reference because controlconnection_t is also attached/detached when sending response or running command asynchronously. Instead, move the isccc_ccmsg_invalidate() call to control_recvmessage() error handling path to make sure that control_recvmessage() won't be ever called again from the netmgr. --- bin/named/controlconf.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index 5dbc97106f..3b8b3f5f2b 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -407,9 +407,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, isccc_time_t exp; uint32_t nonce; - if (conn->shuttingdown) { - return; - } + INSIST(!conn->shuttingdown); /* Is the server shutting down? */ if (listener->controls->shuttingdown) { @@ -539,6 +537,9 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, return; cleanup: + /* Make sure no read callbacks are called again */ + isccc_ccmsg_invalidate(&conn->ccmsg); + conn->shuttingdown = true; REQUIRE(isc_tid() == 0); @@ -564,8 +565,6 @@ conn_free(controlconnection_t *conn) { } #endif /* ifdef ENABLE_AFL */ - isccc_ccmsg_invalidate(&conn->ccmsg); - isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_CONTROL, ISC_LOG_DEBUG(3), "freeing control connection");