[Mono-list] Bug in RecvFrom_internal
Jonathan Liger
Jonathan Liger" <Jonathan.liger@wanadoo.fr
Wed, 21 Aug 2002 22:13:44 +0200
This is a multi-part message in MIME format.
------=_NextPart_000_0005_01C24960.037543E0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Hi,
I think I have found a bug in one of the low level socket methods in the
Mono framework :
In gint32 ves_icall_System_Net_Sockets_Socket_RecvFrom_internal(SOCKET,
MonoArray *, gint32, gint32, gint32, MonoObject **), the pointer 'sa' was
used after having been 'g_free'-ed.
The corresponding patch is attached to this mail.
In fact, it was just a simple bug, but it took me a while to see where it
came from (I just had address familly problems when using the UdpClient).
Anyway, hunting that bug made me know a bit better how all this worked.
Jonathan LIGER
------=_NextPart_000_0005_01C24960.037543E0
Content-Type: application/octet-stream;
name="patch_socket-io"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
filename="patch_socket-io"
diff -ru mono-0.12/mono/metadata/socket-io.c =
mono/mono/metadata/socket-io.c=0A=
--- mono-0.12/mono/metadata/socket-io.c 2002-08-21 22:52:21.000000000 =
+0200=0A=
+++ mono/mono/metadata/socket-io.c 2002-08-21 22:52:41.000000000 +0200=0A=
@@ -791,13 +791,14 @@=0A=
buf=3Dmono_array_addr(buffer, guchar, offset);=0A=
=0A=
ret=3Drecvfrom(sock, buf, count, recvflags, sa, &sa_size);=0A=
- g_free(sa);=0A=
=0A=
if(ret=3D=3DSOCKET_ERROR) {=0A=
+ g_free(sa);=0A=
mono_raise_exception(get_socket_exception(WSAGetLastError()));=0A=
}=0A=
=0A=
*sockaddr=3Dcreate_object_from_sockaddr(sa, sa_size);=0A=
+ g_free(sa);=0A=
=0A=
return(ret);=0A=
}=0A=
------=_NextPart_000_0005_01C24960.037543E0--