Clean up properly when adding a signal handler fails.

Previously, when a signation() or signal() call failed, we would free
the element we added to sh_old, but not actually clear the pointer.
This would leave a dangling pointer in sh_old that could cause a
crash later.

diff --git a/signal.c b/signal.c
index be02f9d50b9edc83195b0579c1991321b12a1f93..386f4763983aa8700c976d5523bcfe1b4516323e 100644 (file)
--- a/signal.c
+++ b/signal.c
@@ -185,12 +185,14 @@ _evsig_set_handler(struct event_base *base,
        if (sigaction(evsignal, &sa, sig->sh_old[evsignal]) == -1) {
                event_warn("sigaction");
                mm_free(sig->sh_old[evsignal]);
+               sig->sh_old[evsignal] = NULL;
                return (-1);
        }
 #else
        if ((sh = signal(evsignal, handler)) == SIG_ERR) {
                event_warn("signal");
                mm_free(sig->sh_old[evsignal]);
+               sig->sh_old[evsignal] = NULL;
                return (-1);
        }
        *sig->sh_old[evsignal] = sh;