From 31b985f54701502b844fb67414b2da20eef7eed0 Mon Sep 17 00:00:00 2001 From: Bastien Nocera Date: Wed, 30 May 2018 20:00:26 +0200 Subject: [PATCH] device: Fix crash on exit Fix a possible crash when an fprintd client disappears. If the client requested for the device to be released, then, without waiting for the reply of that release, disappeared from the bus, we would try to close it a second time, accessing a function pointer that didn't exist anymore. See https://bugzilla.redhat.com/show_bug.cgi?id=1515720 --- src/device.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/src/device.c b/src/device.c index 85a2540..e9b89bc 100644 --- a/src/device.c +++ b/src/device.c @@ -558,7 +558,12 @@ _fprint_device_client_vanished (GDBusConnection *connection, /* Close the claimed device as well */ if (priv->dev) { - fp_async_dev_close (priv->dev, action_stop_cb, &done); + struct fp_dev *dev; + + dev = priv->dev; + priv->dev = NULL; + + fp_async_dev_close (dev, action_stop_cb, &done); while (done == FALSE) g_main_context_iteration (NULL, TRUE); } @@ -737,8 +742,13 @@ static void fprint_device_release(FprintDevice *rdev, } session->context_release_device = context; - if (priv->dev) - fp_async_dev_close(priv->dev, dev_close_cb, rdev); + if (priv->dev) { + struct fp_dev *dev; + + dev = priv->dev; + priv->dev = NULL; + fp_async_dev_close(dev, dev_close_cb, rdev); + } } static void verify_cb(struct fp_dev *dev, int r, struct fp_img *img,