Protect to access released handle

Change-Id: Ib228d1991930e220226e83b2d7ed87155589e595
Signed-off-by: Changgyu Choi <changyu.choi@samsung.com>

diff --git a/src/ac-internal.cc b/src/ac-internal.cc
index 70821d6..9f44608 100644 (file)
--- a/src/ac-internal.cc
+++ b/src/ac-internal.cc
@@ -96,7 +96,14 @@ int AccessController::Check(int fd, const std::string& sender_appid) {
 
 void AccessController::CheckAsync(int fd, std::string sender_appid,
     CompleteCallback callback) {
+  /* This is for handle freed issue */
+  auto tmp_handle = new std::shared_ptr<AccessController>(shared_from_this());
   Job job([=]() -> Job::Type {
+    if ((*tmp_handle).use_count() == 1) {
+      delete tmp_handle;
+      return Job::Type::Continue;
+    }
+
     int res = Check(fd, sender_appid);
     auto* cbdata = new std::pair<CompleteCallback, int>(callback, res);
     guint sid = g_idle_add(
@@ -112,6 +119,7 @@ void AccessController::CheckAsync(int fd, std::string sender_appid,
       delete cbdata;
     }
 
+    delete tmp_handle;
     return Job::Type::Continue;
   });
 

diff --git a/src/ac-internal.hh b/src/ac-internal.hh
index a2309ee..daefbd7 100644 (file)
--- a/src/ac-internal.hh
+++ b/src/ac-internal.hh
@@ -33,7 +33,7 @@ namespace internal {
 
 using CompleteCallback = std::function<void(int)>;
 
-class AccessController {
+class AccessController : public std::enable_shared_from_this<AccessController> {
  public:
   explicit AccessController(bool trusted = false) : trusted_(trusted) {}
 

diff --git a/src/cynara_thread.cc b/src/cynara_thread.cc
index 15ccf15..fb86761 100644 (file)
--- a/src/cynara_thread.cc
+++ b/src/cynara_thread.cc
@@ -40,17 +40,16 @@ CynaraThread::CynaraThread() {
 }
 
 CynaraThread::~CynaraThread() {
-  Job finish_job;
-  Push(finish_job);
+  finished_ = true;
   thread_.join();
 }
 
 void CynaraThread::ThreadRun() {
   while (true) {
     Job job = queue_.WaitAndPop();
-    Job::Type ret = job.Do();
-    if (ret == Job::Type::Finish)
+    if (finished_)
       return;
+    Job::Type ret = job.Do();
   }
 }
 

diff --git a/src/cynara_thread.hh b/src/cynara_thread.hh
index 3babdd3..04d76cd 100644 (file)
--- a/src/cynara_thread.hh
+++ b/src/cynara_thread.hh
@@ -17,6 +17,7 @@
 #ifndef CYNARA_THREAD_HH_
 #define CYNARA_THREAD_HH_
 
+#include <atomic>
 #include <functional>
 #include <shared-queue.hpp>
 #include <thread>
@@ -58,6 +59,7 @@ class CynaraThread {
   Job Pop();
 
   std::thread thread_;
+  std::atomic<bool> finished_ = false;
   mutable tizen_base::SharedQueue<Job> queue_;
 };
 

diff --git a/src/stub-internal.cc b/src/stub-internal.cc
index 72b59b2..b0bc883 100644 (file)
--- a/src/stub-internal.cc
+++ b/src/stub-internal.cc
@@ -129,12 +129,12 @@ void Stub::Ignore() {
 
 void Stub::AddPrivilege(const std::string& privilege) {
   std::lock_guard<std::recursive_mutex> lock(GetMutex());
-  access_controller_.AddPrivilege(privilege);
+  access_controller_->AddPrivilege(privilege);
 }
 
 void Stub::SetTrusted(const bool trusted) {
   std::lock_guard<std::recursive_mutex> lock(GetMutex());
-  access_controller_.SetTrusted(trusted);
+  access_controller_->SetTrusted(trusted);
 }
 
 std::shared_ptr<Port> Stub::FindPort(const std::string& instance) const {
@@ -412,7 +412,7 @@ gboolean Stub::Server::OnRequestReceived(GIOChannel* channel, GIOCondition cond,
       _E("Reject request. %u:%u", cred->GetUid(), getuid());
       res = -1;
     } else {
-      stub->access_controller_.CheckAsync(client->GetFd(), app_id,
+      stub->access_controller_->CheckAsync(client->GetFd(), app_id,
           response_func);
       return G_SOURCE_CONTINUE;
     }

diff --git a/src/stub-internal.hh b/src/stub-internal.hh
index 0f2723c..f58413f 100644 (file)
--- a/src/stub-internal.hh
+++ b/src/stub-internal.hh
@@ -108,7 +108,8 @@ class Stub {
   std::recursive_mutex& GetMutex() const;
 
  private:
-  AccessController access_controller_;
+  std::shared_ptr<AccessController> access_controller_ =
+      std::make_shared<AccessController>();
   std::string port_name_;
   std::list<std::shared_ptr<AcceptedPort>> ports_;
   IEventListener* listener_ = nullptr;