deac/osd-contiki
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

core/net/rime/ipolite: stop ctimer and reset queuebuf pointer when canceling old send

Browse source 
Ipolite is used by netflood and route-discovery modules among others. If a route request is yet to be re-broadcasted and a local route discovery is started (interval == 0), the previous queuebuf used is freed but ctimer and queuebuf pointer is left unchanged. This causes corrupt route requests to be sent, invalid routing tables to be formed, memcmp() on NULL pointer on receive, and other undefined behavior.

Signed-off-by: Oskar Nordquist <oskar.nordquist@crlsweden.com>
This commit is contained in:
Oskar Nordquist 2014-10-21 15:25:52 +02:00
parent 6fb7dd238e
commit 5e640411f5
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
core/net/rime/ipolite.c
View file

@ -148,6 +148,8 @@ ipolite_send(struct ipolite_conn *c, clock_time_t interval, uint8_t hdrsize)
PRINTF("%d.%d: ipolite_send: cancel old send\n", PRINTF("%d.%d: ipolite_send: cancel old send\n",
linkaddr_node_addr.u8[0],linkaddr_node_addr.u8[1]); linkaddr_node_addr.u8[0],linkaddr_node_addr.u8[1]);
queuebuf_free(c->q); queuebuf_free(c->q);
c->q = NULL;
ctimer_stop(&c->t);
} }
c->dups = 0; c->dups = 0;
c->hdrsize = hdrsize; c->hdrsize = hdrsize;