From 09c4bab41188c13e7a9227f8baaff230ebdd0875 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Sun, 10 Feb 2019 18:49:37 +0100 Subject: [PATCH] BUG/MAJOR: stream: avoid double free on unique_id Commit 32211a1 ("BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().") addressed a memory leak but in exchange may cause double-free due to the fact that after freeing s->unique_id it doesn't null it and then calls http_end_txn() which frees it again. Thus the process quickly crashes at runtime. This fix must be backported to all stable branches where the aforementioned patch was backported. --- src/stream.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/stream.c b/src/stream.c index a96ddcb..df778b1 100644 --- a/src/stream.c +++ b/src/stream.c @@ -387,6 +387,7 @@ static void stream_free(struct stream *s) } pool_free(pool_head_uniqueid, s->unique_id); + s->unique_id = NULL; hlua_ctx_destroy(s->hlua); s->hlua = NULL; -- 1.7.10.4