Home Explore Help
Register Sign In
OWEALs
/
libubox
mirror of https://git.openwrt.org/project/libubox.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

runqueue: fix use-after-free bug

Calling t->complete in runqueue_task_complete can free the memory
associated with t. Change the runqueue_start_next accordingly.

Fixes https://github.com/openwrt/openwrt/issues/493

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau 6 years ago
parent
368fd26458
commit
6a7fb7d8df
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      runqueue.c

+ 1 - 1
runqueue.c
View File 

@@ -232,7 +232,7 @@ void runqueue_task_complete(struct runqueue_task *t)
 
 	t->cancelled = false;
 
 	if (t->complete)
 
 		t->complete(q, t);
 
-	runqueue_start_next(t->q);
 
+	runqueue_start_next(q);
 
 }
 
 
 static void