Skip to content

Commit

Permalink
Fix for Bug #36732
Browse files Browse the repository at this point in the history
Set the app_state callback object in the Connection state to null
when the CASE session object is being cleared, on top of setting the
inner callback methods to null.
This prevents the callback object from being accessed later, when the
connection is getting closed(after the CASE session has been set up and
the session object no longer exists).
  • Loading branch information
pidarped committed Dec 17, 2024
1 parent 2c6c421 commit 556ac52
Showing 1 changed file with 11 additions and 5 deletions.
16 changes: 11 additions & 5 deletions src/protocols/secure_channel/CASESession.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -428,12 +428,18 @@ void CASESession::Clear()
mTCPConnCbCtxt.connClosedCb = nullptr;
mTCPConnCbCtxt.connReceivedCb = nullptr;

if (mPeerConnState && mPeerConnState->mConnectionState != Transport::TCPState::kConnected)
if (mPeerConnState)
{
// Abort the connection if the CASESession is being destroyed and the
// connection is in the middle of being set up.
mSessionManager->TCPDisconnect(mPeerConnState, /* shouldAbort = */ true);
mPeerConnState = nullptr;
// Set the app state callback object in the Connection state to null.
mPeerConnState->mAppState = nullptr;

if (mPeerConnState->mConnectionState != Transport::TCPState::kConnected)
{
// Abort the connection if the CASESession is being destroyed and the
// connection is in the middle of being set up.
mSessionManager->TCPDisconnect(mPeerConnState, /* shouldAbort = */ true);
mPeerConnState = nullptr;
}
}
#endif // INET_CONFIG_ENABLE_TCP_ENDPOINT
}
Expand Down

0 comments on commit 556ac52

Please sign in to comment.