IOT-2246 Avoid touching already-freed peer

Change-Id: I55802664860aec4a02da209d3597d68ad405a4a9
Signed-off-by: Dan Mihai <Daniel.Mihai@microsoft.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/19859
Reviewed-by: Kevin Kane <kkane@microsoft.com>
Tested-by: jenkins-iotivity <jenkins@iotivity.org>

diff --git a/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c b/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c
index ec685ca..bcaf043 100644 (file)
--- a/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c
+++ b/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c
@@ -1074,6 +1074,11 @@ static bool checkSslOperation(SslEndPoint_t*  peer,
         (MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL != ret))
     {
         OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -ret);
+
+        // Make a copy of the endpoint, because the callback might
+        // free the peer object, during SSL_RES() below.
+        CAEndpoint_t removedEndpoint = (peer)->sep.endpoint;
+
         oc_mutex_lock(g_sslContextMutex);
 
         if (MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != ret)
@@ -1081,7 +1086,7 @@ static bool checkSslOperation(SslEndPoint_t*  peer,
             SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE);
         }
 
-        RemovePeerFromList(&(peer)->sep.endpoint);
+        RemovePeerFromList(&removedEndpoint);
 
         oc_mutex_unlock(g_sslContextMutex);
         return false;