ubus: ubus_free: clear pending timers before freeing context

If a synchronous operation is executed on a ubus context after
uloop_done() has been called, the context's pending_timer
may remain in uloop's list of timeouts.
This leads to undefined behaviour during next execution of uloop
code, as it may be referring to unavailable memory or memory
that has been allocated for different purposes.

Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
Signed-off-by: Abhimanyu Vishwakarma <Abhimanyu.Vishwakarma@imgtec.com>

diff --git a/libubus.c b/libubus.c
index b25d8b0..51a1483 100644 (file)
--- a/libubus.c
+++ b/libubus.c
@@ -362,6 +362,7 @@ void ubus_shutdown(struct ubus_context *ctx)
        if (!ctx)
                return;
        close(ctx->sock.fd);
+       uloop_timeout_cancel(&ctx->pending_timer);
        free(ctx->msgbuf.data);
 }