From f4f908be92c8f4413caf2b6ef12694f564369caf Mon Sep 17 00:00:00 2001 From: Charles Kerr Date: Sun, 30 Nov 2008 21:36:49 +0000 Subject: [PATCH] (libT) #1542: SIGSEGV in tr_publisherPublish --- libtransmission/peer-msgs.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/libtransmission/peer-msgs.c b/libtransmission/peer-msgs.c index f87f10e7e..50921e6d8 100644 --- a/libtransmission/peer-msgs.c +++ b/libtransmission/peer-msgs.c @@ -1275,7 +1275,10 @@ readBtMessage( tr_peermsgs * msgs, tr_peerIoReadUint32( msgs->io, inbuf, &ui32 ); dbgmsg( msgs, "got Have: %u", ui32 ); if( tr_bitfieldAdd( msgs->info->have, ui32 ) ) + { fireError( msgs, ERANGE ); + return READ_ERR; + } updatePeerProgress( msgs ); tr_rcTransferred( msgs->torrent->swarmSpeed, msgs->torrent->info.pieceSize ); @@ -1505,7 +1508,7 @@ canRead( struct tr_iobuf * iobuf, void * vmsgs, size_t * piece ) } /* log the raw data that was read */ - if( EVBUFFER_LENGTH( in ) != inlen ) + if( ( ret != READ_ERR ) && ( EVBUFFER_LENGTH( in ) != inlen ) ) fireClientGotData( msgs, inlen - EVBUFFER_LENGTH( in ), FALSE ); return ret; @@ -1578,6 +1581,8 @@ fillOutputBuffer( tr_peermsgs * msgs, time_t now ) const int err = tr_ioRead( msgs->torrent, req.index, req.offset, req.length, buf ); if( err ) { fireError( msgs, err ); + bytesWritten = 0; + msgs = NULL; } else { tr_peerIo * io = msgs->io; struct evbuffer * out = evbuffer_new( ); @@ -1599,7 +1604,8 @@ fillOutputBuffer( tr_peermsgs * msgs, time_t now ) *** Keepalive **/ - if( msgs->clientSentAnythingAt + if( ( msgs != NULL ) + && ( msgs->clientSentAnythingAt != 0 ) && ( ( now - msgs->clientSentAnythingAt ) > KEEPALIVE_INTERVAL_SECS ) ) { dbgmsg( msgs, "sending a keepalive message" ); -- 2.40.0