runqueue: fix use-after-free bug
[project/libubox.git] / ustream-fd.c
index a252708..b546fa1 100644 (file)
 #include <stdio.h>
 #include "ustream.h"
 
-static bool _init = false;
-
 static void ustream_fd_set_uloop(struct ustream *s, bool write)
 {
        struct ustream_fd *sf = container_of(s, struct ustream_fd, stream);
        struct ustream_buf *buf;
-       unsigned int flags = ULOOP_EDGE_TRIGGER;
+       unsigned int flags = ULOOP_EDGE_TRIGGER | ULOOP_ERROR_CB;
 
        if (!s->read_blocked && !s->eof)
                flags |= ULOOP_READ;
@@ -37,9 +35,6 @@ static void ustream_fd_set_uloop(struct ustream *s, bool write)
                flags |= ULOOP_WRITE;
 
        uloop_fd_add(&sf->fd, flags);
-
-       if ((flags & ULOOP_READ) && !_init);
-               sf->fd.cb(&sf->fd, ULOOP_READ);
 }
 
 static void ustream_fd_set_read_blocked(struct ustream *s)
@@ -55,6 +50,9 @@ static void ustream_fd_read_pending(struct ustream_fd *sf, bool *more)
        char *buf;
 
        do {
+               if (s->read_blocked)
+                       break;
+
                buf = ustream_reserve(s, 1, &buflen);
                if (!buf)
                        break;
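Review bot: The new `if (s->read_blocked) break;` at the top of the read loop stops draining the socket while the descriptor is registered with `ULOOP_EDGE_TRIGGER`, and nothing in this hunk shows what restarts reading once the consumer unblocks. With edge-triggered polling, data left in the kernel buffer may not raise another event, so the resume path (presumably `ustream_fd_set_read_blocked()` re-arming the fd) should be confirmed. A comment above the check would help, e.g. `/* consumer may block reads from inside the loop; leftover data is picked up when the fd is re-armed */`. The loop body continues outside the hunk.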
@@ -64,14 +62,17 @@ static void ustream_fd_read_pending(struct ustream_fd *sf, bool *more)
                        if (errno == EINTR)
                                continue;
 
-                       if (errno == EAGAIN)
+                       if (errno == EAGAIN || errno == ENOTCONN)
                                return;
 
                        len = 0;
                }
 
                if (!len) {
-                       sf->fd.eof = true;
+                       if (!s->eof)
+                               ustream_state_change(s);
+                       s->eof = true;
+                       ustream_fd_set_uloop(s, false);
                        return;
                }
 
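Review bot: In the EOF branch, `ustream_state_change(s)` is called before `s->eof = true` and before `ustream_fd_set_uloop(s, false)`, so `s` is still written and used after the notification. Whether that is safe depends on `ustream_state_change()` deferring the user callback, which is not visible in this diff. If it ever ran the callback synchronously, a callback that frees the stream would turn the next two lines into a use-after-free, and the callback would also see `eof` still false. Saving the old value, setting `s->eof = true`, re-arming the fd and only then calling `ustream_state_change(s)` as the last statement is safe either way; the same pattern appears in `__ustream_fd_poll()`, where `s->write_error = true` follows the call.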
@@ -95,7 +96,7 @@ static int ustream_fd_write(struct ustream *s, const char *buf, int buflen, bool
                        if (errno == EINTR)
                                continue;
 
-                       if (errno == EAGAIN || errno == EWOULDBLOCK)
+                       if (errno == EAGAIN || errno == EWOULDBLOCK || errno == ENOTCONN)
                                break;
 
                        return -1;
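Review bot: `ENOTCONN` is now handled like `EAGAIN` in this write loop (and in `ustream_fd_read_pending()` above), but nothing documents why a not-connected socket counts as retryable. Presumably this covers a non-blocking connect still in progress. If the connection never completes, buffered data stays queued and the only failure signal appears to be the `ULOOP_ERROR_CB` path that sets `write_error`. I would add `/* ENOTCONN: connect not finished yet, keep data buffered and retry on the next event */` above the test, after confirming that is the intent. The function starts and ends outside the hunk.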
@@ -115,21 +116,21 @@ static int ustream_fd_write(struct ustream *s, const char *buf, int buflen, bool
 static bool __ustream_fd_poll(struct ustream_fd *sf, unsigned int events)
 {
        struct ustream *s = &sf->stream;
-       struct uloop_fd *fd = &sf->fd;
        bool more = false;
 
        if (events & ULOOP_READ)
                ustream_fd_read_pending(sf, &more);
 
        if (events & ULOOP_WRITE) {
-               if (!ustream_write_pending(s))
+               bool no_more = ustream_write_pending(s);
+               if (no_more)
                        ustream_fd_set_uloop(s, false);
        }
 
-       if (!s->eof && fd->eof) {
-               s->eof = true;
-               ustream_fd_set_uloop(s, false);
+       if (sf->fd.error && !s->write_error) {
                ustream_state_change(s);
+               s->write_error = true;
+               ustream_fd_set_uloop(s, false);
        }
 
        return more;
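Review bot: The write branch now tests `if (no_more)` where the old code tested `if (!ustream_write_pending(s))`, so the condition is inverted for the same call. That is only correct if `ustream_write_pending()` returns true once the write buffer is empty; its definition is not part of this file's diff, so the contract should be checked there. The temporary adds little: `if (ustream_write_pending(s))` with a comment such as `/* returns true when nothing is left to write */` would state the dependency directly.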
@@ -168,7 +169,5 @@ void ustream_fd_init(struct ustream_fd *sf, int fd)
        s->write = ustream_fd_write;
        s->free = ustream_fd_free;
        s->poll = ustream_fd_poll;
-       _init = true;
        ustream_fd_set_uloop(s, false);
-       _init = false;
 }