search

cinder / Cinder

Cinder is a community-developed, free and open source library for professional-quality creative coding in C++.
http://libcinder.org
Other
5.34k stars 944 forks source link

osc: crash when closing TCP receiver connections #2192

Closed totalgee closed 4 years ago

totalgee commented 4 years ago

I came across this bug when trying to write a server using osc::ReceiverTcp, that supported multiple client connections. I was getting crashes in the OSC TCP server when disconnecting a client (in ReceiverTcp::closeConnection()).

https://github.com/cinder/Cinder/blob/3f8bbc48fdb63346ba8799ec5c3ec99b95f74102/blocks/OSC/src/cinder/osc/Osc.cpp#L1608-L1611

The issue here is that std::remove_if not only moves any matching elements (which in this case is a unique_ptr<Connection>) to the end of the vector, but also "moves from" it -- which for a unique_ptr means it's set to nullptr. So later, when the iterator is dereferenced to call shutdown(), we get undefined behaviour (a crash, generally), here:

https://github.com/cinder/Cinder/blob/3f8bbc48fdb63346ba8799ec5c3ec99b95f74102/blocks/OSC/src/cinder/osc/Osc.cpp#L1613

andrewfb commented 4 years ago

Fixed via #2186 - thanks again.