ubus: ubus_free: clear pending timers before freeing context

If a synchronous operation is executed on a ubus context after
uloop_done() has been called, the context's pending_timer
may remain in uloop's list of timeouts.
This leads to undefined behaviour during next execution of uloop
code, as it may be referring to unavailable memory or memory
that has been allocated for different purposes.

Signed-off-by: Marcin Nowakowski <[email protected]>
Signed-off-by: Abhimanyu Vishwakarma <[email protected]>

diff --git a/libubus.c b/libubus.c
index b25d8b084f9b6271bfd1625c24549c25edfb2a78..51a148300d3781bcfad9df3418f4c8f5ea466cc7 100644 (file)
--- a/libubus.c
+++ b/libubus.c
@@ -362,6 +362,7 @@ void ubus_shutdown(struct ubus_context *ctx)
        if (!ctx)
                return;
        close(ctx->sock.fd);
+       uloop_timeout_cancel(&ctx->pending_timer);
        free(ctx->msgbuf.data);
 }