diff options
author | Alexandru Ardelean <ardeleanalex@gmail.com> | 2017-02-02 17:59:49 +0200 |
---|---|---|
committer | Felix Fietkau <nbd@nbd.name> | 2017-02-07 10:45:14 +0100 |
commit | c09e4f06f0f54be8304fb4459445198920fea32e (patch) | |
tree | 41a81b3ec27c4223b08476a4a30f222a1f1d6935 | |
parent | 91acde66b963e238aba35fb4f2030a147df84cd4 (diff) | |
download | ubus-c09e4f06f0f54be8304fb4459445198920fea32e.tar.gz |
ubusd: fix incomplete copy of shared buf during queue-ing
For a shared ubus_msg_buf, the ubus_msg_ref function will
create a copy for queue-ing.
Problem is, that during the dequeue (especially) in client_cb,
the header is 0-ed (because it's was a newly alloc-ed buffer).
And during ubus_msg_writev(), the header info will be ignored
by the client.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
-rw-r--r-- | ubusd.c | 11 |
1 files changed, 9 insertions, 2 deletions
@@ -32,8 +32,15 @@ static struct ubus_msg_buf *ubus_msg_ref(struct ubus_msg_buf *ub) { - if (ub->refcount == ~0) - return ubus_msg_new(ub->data, ub->len, false); + struct ubus_msg_buf *new_ub; + if (ub->refcount == ~0) { + new_ub = ubus_msg_new(ub->data, ub->len, false); + if (!new_ub) + return NULL; + memcpy(&new_ub->hdr, &ub->hdr, sizeof(struct ubus_msghdr)); + new_ub->fd = ub->fd; + return new_ub; + } ub->refcount++; return ub; |