Fix: ustctl_release_object: eliminate double-close/free on error

When ustctl_release_object returns an error, it is unclear to the caller
what close/free side effects were effectively performed and which were
not. So the only courses of action are to either leak file descriptors
or memory, or call ustctl_release_object again which can trigger double
close or double free.

Fix this by setting the file descriptors to -1 after successful close,
and pointers to NULL after successful free.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>

diff --git a/liblttng-ust-ctl/ustctl.c b/liblttng-ust-ctl/ustctl.c
index c2b761a1b7cccba3fea0fd0dfad2cc074036b45e..a7bee029db524a4450dd2a7d65ebc4cfed6533c5 100644 (file)
--- a/liblttng-ust-ctl/ustctl.c
+++ b/liblttng-ust-ctl/ustctl.c
@@ -109,8 +109,10 @@ int ustctl_release_object(int sock, struct lttng_ust_object_data *data)
                                ret = -errno;
                                return ret;
                        }
+                       data->u.channel.wakeup_fd = -1;
                }
                free(data->u.channel.data);
+               data->u.channel.data = NULL;
                break;
        case LTTNG_UST_OBJECT_TYPE_STREAM:
                if (data->u.stream.shm_fd >= 0) {
@@ -119,6 +121,7 @@ int ustctl_release_object(int sock, struct lttng_ust_object_data *data)
                                ret = -errno;
                                return ret;
                        }
+                       data->u.stream.shm_fd = -1;
                }
                if (data->u.stream.wakeup_fd >= 0) {
                        ret = close(data->u.stream.wakeup_fd);
@@ -126,6 +129,7 @@ int ustctl_release_object(int sock, struct lttng_ust_object_data *data)
                                ret = -errno;
                                return ret;
                        }
+                       data->u.stream.wakeup_fd = -1;
                }
                break;
        case LTTNG_UST_OBJECT_TYPE_EVENT: