From 3544d4584c70debc7bbf93c6dad00b303ff8919a Mon Sep 17 00:00:00 2001
From: Patrick Oppenlander <patrick@motec.com.au>
Date: Tue, 29 Jun 2010 01:08:26 +0200
Subject: core: fix potential crash on service name collision

If there is a service name collision and the entry group callback calls
avahi_s_entry_group_reset or avahi_s_entry_group free on the group in
question, the entries were released. This could cause a crash in
withdraw_rrset as it is walking a list of entries at this time.

The fix for this issue is to schedule a cleanup event to clean up
entries after a a short timeout (currently one second). If a cleanup
occurs for any other reason the event is cancelled.

http://avahi.org/ticket/302
---
 avahi-core/internal.h | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'avahi-core/internal.h')

diff --git a/avahi-core/internal.h b/avahi-core/internal.h
index a4b10ed..eb7f146 100644
--- a/avahi-core/internal.h
+++ b/avahi-core/internal.h
@@ -121,6 +121,9 @@ struct AvahiServer {
 
     int need_entry_cleanup, need_group_cleanup, need_browser_cleanup;
 
+    /* Used for scheduling RR cleanup */
+    AvahiTimeEvent *cleanup_time_event;
+
     AvahiTimeEventQueue *time_event_queue;
 
     char *host_name, *host_name_fqdn, *domain_name;
-- 
cgit