From cf755204106e7bfd9a1a169d10e3451c918a7982 Mon Sep 17 00:00:00 2001
From: "U-fast\\aglo"
Date: Tue, 12 Oct 2010 11:20:26 -0400
Subject: [PATCH] cb_args should be allocated when we fork a thread to handle the callback, the arguments we got from parsing the callback operations in the callback thread are on the stack. we need to allocate memory for same-size data structure and copy them, not just copy the pointer.
---
 daemon/callback_server.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/daemon/callback_server.c b/daemon/callback_server.c
index 66fe9b5..3c56f10 100644
--- a/daemon/callback_server.c
+++ b/daemon/callback_server.c
@@ -183,6 +183,7 @@ static unsigned int WINAPI _handle_cb_recall(void *args)
 dprintf(1, "_handle_cb_recall: sending nfs41_delegreturn\n");
 nfs41_delegreturn(cb_args->rpc_clnt->client->session, &path_fh, &cb_args->args->stateid);
+ free(cb_args->args);
 free(cb_args);
 dprintf(1, "_handle_cb_recall: end\n");
 return 1;
@@ -203,7 +204,13 @@ static enum_t handle_cb_recall(
 goto out;
 }
 cb_args->rpc_clnt = rpc_clnt;
- cb_args->args = args;
+ cb_args->args = calloc(1, sizeof(struct cb_recall_args));
+ if (cb_args->args == NULL) {
+ free(cb_args);
+ res->status = NFS4ERR_RESOURCE;
+ goto out;
+ }
+ memcpy(cb_args->args, args, sizeof(struct cb_recall_args));
 _beginthreadex(NULL, 0, _handle_cb_recall, cb_args, 0, NULL);
 out:
 return res->status;
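Review bot: The added `free(cb_args->args);` in `_handle_cb_recall` covers only the exit that reaches the end of the function. The function starts outside this hunk, so any earlier return or error exit that frees `cb_args` alone would now leak the heap copy made in `handle_cb_recall`. It is worth confirming that every exit releases both allocations, for instance through a single cleanup label ending in `free(cb_args->args); free(cb_args);`. A short comment at that point, such as `/* args is a heap copy owned by this thread, see handle_cb_recall */`, would record the ownership transfer that this commit introduces.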
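Review bot: In the `handle_cb_recall` hunk the result of `_beginthreadex` is ignored. If the thread cannot be created, `cb_args` and the new `cb_args->args` copy are never freed, and the function still returns whatever `res->status` held, although no delegation return will be sent. The call should be checked against 0, releasing both allocations and reporting `NFS4ERR_RESOURCE`, as the new calloc-failure branch does. Separately, `memcpy` makes a shallow copy; `struct cb_recall_args` is not visible here, so if it holds pointers into the decode buffer or the caller's stack they would still dangle in the worker thread and need a deep copy. The start of `handle_cb_recall` is outside the hunk.

```c
    memcpy(cb_args->args, args, sizeof(struct cb_recall_args));
    if (_beginthreadex(NULL, 0, _handle_cb_recall, cb_args, 0, NULL) == 0) {
        /* no thread was started, so nothing else will free the copies */
        free(cb_args->args);
        free(cb_args);
        res->status = NFS4ERR_RESOURCE;
        goto out;
    }
```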