diff options
| author | Alexander Barton <alex@barton.de> | 2010-05-22 17:03:54 +0200 |
|---|---|---|
| committer | Alexander Barton <alex@barton.de> | 2010-05-22 17:03:54 +0200 |
| commit | 55190f2d3ddf9b4bd43b0555df784c95eed82390 (patch) | |
| tree | 643187397ccdeaa5f5f0ec7ae120a161c82b604b | |
| parent | 6dc80bd195ad0760bb560177d6f91c86b7698758 (diff) | |
| download | ngircd-55190f2d3ddf9b4bd43b0555df784c95eed82390.tar.gz ngircd-55190f2d3ddf9b4bd43b0555df784c95eed82390.zip | |
Don't access already freed memory in IRC_KILL()
It is not possible to call Conn_Close() after Client_Destroy() has been called, because Conn_Close wants to access the CLIENT structure which then has been freed already. Fix IRC_KILL to use Conn_Close() for local clients and Client_Destroy() for remote clients only (and never both).
| -rw-r--r-- | src/ngircd/irc.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/ngircd/irc.c b/src/ngircd/irc.c index b4db3b77..0cb9a6e5 100644 --- a/src/ngircd/irc.c +++ b/src/ngircd/irc.c @@ -160,11 +160,15 @@ IRC_KILL( CLIENT *Client, REQUEST *Req ) Client_Type( c ), Req->argv[0] ); } - /* Kill client NOW! */ + /* Kill the client NOW: + * - Close the local connection (if there is one), + * - Destroy the CLIENT structure for remote clients. + * Note: Conn_Close() removes the CLIENT structure as well. */ conn = Client_Conn( c ); - Client_Destroy( c, NULL, reason, false ); - if( conn > NONE ) - Conn_Close( conn, NULL, reason, true ); + if(conn > NONE) + Conn_Close(conn, NULL, reason, true); + else + Client_Destroy(c, NULL, reason, false); } else Log( LOG_NOTICE, "Client with nick \"%s\" is unknown here.", Req->argv[0] ); |