connection: when freeing a connection purge its cached entries

When freeing a connection remove also all the cached entries related
to this connection, otherwise if we access this cached entry through
another valid connection, we will hit memory corruption bugs.

Signed-off-by: Djalal Harouni <tixxdz@opendz.org>

diff --git a/connection.c b/connection.c
index 542f6773847105c43fe3b4426ac26634ed83e4a6..656611778b751b60d9b58bdcccc072ed3b5be995 100644 (file)
--- a/connection.c
+++ b/connection.c
@@ -1545,8 +1545,10 @@ static void __kdbus_conn_free(struct kref *kref)
        if (conn->ep->policy_db)
                kdbus_policy_remove_conn(conn->ep->policy_db, conn);
 
-       if (conn->bus->policy_db)
+       if (conn->bus->policy_db) {
+               kdbus_policy_remove_conn(conn->bus->policy_db, conn);
                kdbus_policy_remove_owner(conn->bus->policy_db, conn);
+       }
 
        kdbus_meta_free(conn->owner_meta);
        kdbus_match_db_free(conn->match_db);

diff --git a/domain.h b/domain.h
index 91a7d5ee4db24a0b23ce1cc56473b8a7cb4713ae..9c477dbfe82507d29ea8ad99913a00e6137349be 100644 (file)
--- a/domain.h
+++ b/domain.h
@@ -71,7 +71,7 @@ struct kdbus_domain {
 /**
  * struct kdbus_domain_user - resource accounting for users
  * @kref:              Reference counter
- * @domain:                    Domain of the user
+ * @domain:            Domain of the user
  * @hentry:            Entry in domain user map
  * @idr:               Smalles possible index number of all users
  * @uid:               UID of the user