Closed git-bruh closed 8 months ago
Thanks for working on this. Yeah, having leaks is not ideal, but fixing them isn't either, because, looking at your work, that would make maintaining eiwd a lot harder due to non-trivial stub functions which also require modifying the ell submodule in order to take effect. If the stubs were simple, say "return NULL", and did not touch the ell submodule at all, then I would welcome that, but from what I see I'm afraid I don't have the capacity to maintain such intrusive changes. Hence the question: is it possible to take a different approach to fixing these leaks?
yeah there's no sane way to fix this since the callbacks for allocating and free-ing stuff are sent over dbus only
A lot of the stubbed out DBUS calls are actually responsible for correlating a `netdev` with allocated resources and `free`-ing them, for example, take `dpp.c`
A DBUS interface is registered https://github.com/illiliti/eiwd/blob/master/src/dpp.c#L2735
The setup function is mundane https://github.com/illiliti/eiwd/blob/master/src/dpp.c#L2698
But the destructor does a very important task of removing the pointer from the queue and free-ing it https://github.com/illiliti/eiwd/blob/master/src/dpp.c#L2716 (constructed here https://github.com/illiliti/eiwd/blob/master/src/dpp.c#L2386)
This leads to a use after free because when a `netdev` is free-d, it would trigger the watcher, causing the respective `dpp` to get free'd and removed from the queue before `free` is actually called on the `netdev` https://github.com/illiliti/eiwd/blob/master/src/dpp.c#L2415

However, if dbus is not present, this never happens and when the `dpp` list is cleared at the end, the `dpp` object obviously references a stray `netdev` which is used here https://github.com/illiliti/eiwd/blob/master/src/dpp.c#L208

Similar cases were present in almost all the other files, causing leaks

So for this we basically have to emulate what DBus does, which is being done in `dbus-stub.c`, just a garbage example, it needs to be rewritten to use `l_hashmap`

Most of the other function calls like `l_dbus_interface_property` are useless and just return failure

Also this change must be made to the `ell` submodule so that our `dbus.h` hacks can take precedence
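
What "emulating what DBus does" amounts to, as an added example that is not code from eiwd, ell or either participant: a registry that ties per-device state and its destructor to an object path, so teardown can run the destructor while the device is still valid. All names (`stub_add`, `stub_remove`, the path `/net/1`) are hypothetical, and it uses a plain linked list rather than `l_hashmap`.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical names throughout; none of this is ell or eiwd API. */
struct binding {                /* state registered under an object path */
	char path[64];
	void *data;
	void (*destroy)(void *data);
	struct binding *next;
};
static struct binding *bindings;

/* Remember state and its destructor, as registering an interface would. */
int stub_add(const char *path, void *data, void (*destroy)(void *))
{
	struct binding *b;
	if (!destroy || strlen(path) >= sizeof(b->path) || !(b = malloc(sizeof(*b))))
		return -1;
	*b = (struct binding){ .data = data, .destroy = destroy, .next = bindings };
	strcpy(b->path, path);
	bindings = b;
	return 0;
}

/* Run every destructor bound to path; call BEFORE freeing the owner. */
void stub_remove(const char *path)
{
	struct binding **pp = &bindings, *b;
	while ((b = *pp)) {
		if (strcmp(b->path, path)) { pp = &b->next; continue; }
		*pp = b->next;          /* unlink first, then destroy */
		b->destroy(b->data);
		free(b);
	}
}

/* Constructed demo: state pointing back at its device is destroyed first. */
static int destroyed;
static void feat_destroy(void *p) { free(p); destroyed++; }
int demo_teardown(void)
{
	int *dev = calloc(1, sizeof(*dev));     /* stands in for a netdev */
	int **feat = calloc(1, sizeof(*feat));  /* state that references dev */
	if (!dev || !feat || stub_add("/net/1", feat, feat_destroy)) {
		free(dev); free(feat); return -1;
	}
	*feat = dev;
	stub_remove("/net/1");  /* feat freed while dev is still valid */
	free(dev);
	return destroyed;
}
```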