# HG changeset patch # User Mikael Berthe # Date 1140271457 -3600 # Node ID 603b43e4f56a3378bde789b4d61365c5e048809b # Parent 4118a66f2c023fe7e0f763b1a9b019d2d7d22cba Fix a bug in iqs_check_timeout() There was a possible segfault because g_slist_next() could be called with a freed element. (Note: this function is never called yet, anyway...) While I'm changing it, I'm changing the prototype so that iqs_check_timeout() takes now_t as a parameter; it will save a time() call. diff -r 4118a66f2c02 -r 603b43e4f56a mcabber/src/jab_iq.c --- a/mcabber/src/jab_iq.c Sat Feb 18 12:05:46 2006 +0100 +++ b/mcabber/src/jab_iq.c Sat Feb 18 15:04:17 2006 +0100 @@ -124,16 +124,18 @@ return 0; } -void iqs_check_timeout(void) +void iqs_check_timeout(time_t now_t) { GSList *p; iqs *i; - time_t now_t; - time(&now_t); + p = iqs_list; + while (p) { + i = p->data; + // We must get next iqs element now because the current one + // could be freed. + p = g_slist_next(p); - for (p = iqs_list; p; p = g_slist_next(p)) { - i = p->data; if ((!i->ts_expire && now_t > i->ts_create + IQS_MAX_TIMEOUT) || (i->ts_expire && now_t > i->ts_expire)) { iqs_callback(i->id, NULL, IQS_CONTEXT_TIMEOUT); diff -r 4118a66f2c02 -r 603b43e4f56a mcabber/src/jab_priv.h --- a/mcabber/src/jab_priv.h Sat Feb 18 12:05:46 2006 +0100 +++ b/mcabber/src/jab_priv.h Sat Feb 18 15:04:17 2006 +0100 @@ -20,7 +20,7 @@ }; -#define IQS_DEFAULT_TIMEOUT 40 +#define IQS_DEFAULT_TIMEOUT 90 #define IQS_MAX_TIMEOUT 600 #define IQS_CONTEXT_RESULT 0 /* Normal result should be zero */ @@ -48,7 +48,7 @@ iqs *iqs_new(guint8 type, const char *ns, const char *prefix, time_t timeout); int iqs_del(const char *iqid); int iqs_callback(const char *iqid, xmlnode xml_result, guint iqcontext); -void iqs_check_timeout(void); +void iqs_check_timeout(time_t now_t); void iqscallback_auth(iqs *iqp, xmlnode xml_result); void request_version(const char *fulljid); void request_time(const char *fulljid);