
core: tcp - safety checks on emptly local tcp connection list

Daniel-Constantin Mierla authored on 03/07/2020 12:02:20
Showing 1 changed files
... ...
@@ -1689,10 +1689,10 @@ void release_tcpconn(struct tcp_connection* c, long state, int unix_sock)
1689 1689
 static ticks_t tcpconn_read_timeout(ticks_t t, struct timer_ln* tl, void* data)
1690 1690
 {
1691 1691
 	struct tcp_connection *c;
1692
-	
1693
-	c=(struct tcp_connection*)data; 
1692
+
1693
+	c=(struct tcp_connection*)data;
1694 1694
 	/* or (struct tcp...*)(tl-offset(c->timer)) */
1695
-	
1695
+
1696 1696
 	if (likely(!(c->state<0) && TICKS_LT(t, c->timeout))){
1697 1697
 		/* timeout extended, exit */
1698 1698
 		return (ticks_t)(c->timeout - t);
... ...
@@ -1706,9 +1706,10 @@ static ticks_t tcpconn_read_timeout(ticks_t t, struct timer_ln* tl, void* data)
1706 1706
 					ip_addr2a(&c->rcv.src_ip), c->rcv.src_port,
1707 1707
 					ip_addr2a(&c->rcv.dst_ip), c->rcv.dst_port);
1708 1708
 	}
1709
-	tcpconn_listrm(tcp_conn_lst, c, c_next, c_prev);
1710
-	release_tcpconn(c, (c->state<0)?CONN_ERROR:CONN_RELEASE, tcpmain_sock);
1711
-	
1709
+	if(tcp_conn_lst!=NULL) {
1710
+		tcpconn_listrm(tcp_conn_lst, c, c_next, c_prev);
1711
+		release_tcpconn(c, (c->state<0)?CONN_ERROR:CONN_RELEASE, tcpmain_sock);
1712
+	}
1712 1713
 	return 0;
1713 1714
 }
1714 1715
 
... ...
@@ -1836,8 +1837,10 @@ repeat_1st_read:
1836 1837
 							ip_addr2a(&ec->rcv.dst_ip), ec->rcv.dst_port);
1837 1838
 
1838 1839
 				}
1839
-				tcpconn_listrm(tcp_conn_lst, con, c_next, c_prev);
1840
-				local_timer_del(&tcp_reader_ltimer, &con->timer);
1840
+				if(tcp_conn_lst!=NULL) {
1841
+					tcpconn_listrm(tcp_conn_lst, con, c_next, c_prev);
1842
+					local_timer_del(&tcp_reader_ltimer, &con->timer);
1843
+				}
1841 1844
 				goto con_error;
1842 1845
 			}
1843 1846
 			break;
... ...
@@ -1877,11 +1880,13 @@ read_error:
1877 1880
 							ip_addr2a(&con->rcv.src_ip), con->rcv.src_port,
1878 1881
 							ip_addr2a(&con->rcv.dst_ip), con->rcv.dst_port);
1879 1882
 				}
1880
-				tcpconn_listrm(tcp_conn_lst, con, c_next, c_prev);
1881
-				local_timer_del(&tcp_reader_ltimer, &con->timer);
1882
-				if (unlikely(resp!=CONN_EOF))
1883
-					con->state=S_CONN_BAD;
1884
-				release_tcpconn(con, resp, tcpmain_sock);
1883
+				if(tcp_conn_lst!=NULL) {
1884
+					tcpconn_listrm(tcp_conn_lst, con, c_next, c_prev);
1885
+					local_timer_del(&tcp_reader_ltimer, &con->timer);
1886
+					if (unlikely(resp!=CONN_EOF))
1887
+						con->state=S_CONN_BAD;
1888
+					release_tcpconn(con, resp, tcpmain_sock);
1889
+				}
1885 1890
 			}else{
1886 1891
 #ifdef USE_TLS
1887 1892
 				if (unlikely(read_flags & RD_CONN_REPEAT_READ))
... ...
@@ -1889,8 +1894,8 @@ read_error:
1889 1894
 #endif /* USE_TLS */
1890 1895
 				/* update timeout */
1891 1896
 				con->timeout=get_ticks_raw()+S_TO_TICKS(TCP_CHILD_TIMEOUT);
1892
-				/* ret= 0 (read the whole socket buffer) if short read & 
1893
-				 *  !POLLPRI,  bytes read otherwise */
1897
+				/* ret= 0 (read the whole socket buffer) if short read
1898
+				 * & !POLLPRI,  bytes read otherwise */
1894 1899
 				ret&=(((read_flags & RD_CONN_SHORT_READ) &&
1895 1900
 						!(events & POLLPRI)) - 1);
1896 1901
 			}
... ...
@@ -1904,7 +1909,7 @@ read_error:
1904 1909
 			LM_CRIT("unknown fd type %d\n", fm->type);
1905 1910
 			goto error;
1906 1911
 	}
1907
-	
1912
+
1908 1913
 	return ret;
1909 1914
 con_error:
1910 1915
 	con->state=S_CONN_BAD;
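Review bot: The new `if(tcp_conn_lst!=NULL)` guards wrap more than the list removal: in tcpconn_read_timeout (new lines 1709-1712) and on the read_error path (new lines 1883-1889) `release_tcpconn()` now sits inside the guard, so when the list is NULL the connection is not released (and on read_error not marked `S_CONN_BAD`), and nothing is logged. If that state is reachable in practice, each occurrence would presumably leave a connection and its descriptor held by the reader, a slow resource-exhaustion path that is hard to spot in logs. On the first-read path (new lines 1840-1843) `local_timer_del()` is skipped as well while `goto con_error` still runs, so it is worth confirming that `con->timer` cannot be armed at that point. I would keep only `tcpconn_listrm()` under the guard unless the release is known to be unsafe there, and at minimum add `else LM_WARN("tcp connection %p: local list is empty, not released\n", c);` so the condition is visible. The definitions of tcp_conn_lst and tcpconn_listrm, and the code after con_error, are outside the hunks shown.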