diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2021-05-07 12:02:00 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-05-10 11:23:58 +0200 |
| commit | d9555bea1b65fe2ea7e3815486fe8f6c7c3a38dd (patch) | |
| tree | d188d7d21531702d62a42ac0907ac7db6ecef986 | |
| parent | version: bump (diff) | |
| download | wintun-d9555bea1b65fe2ea7e3815486fe8f6c7c3a38dd.tar.xz wintun-d9555bea1b65fe2ea7e3815486fe8f6c7c3a38dd.zip | |
api: discourage UaF on teardown
While it does make sense to make readers unblock by setting the read
event on teardown, this is something that consumers of the library
should do _before_ calling EndSession, not something that makes sense
for the library to do itself. The reason is that, in the hypothetical
case in which this makes sense, immediately after unblocking the reader
via SetEvent, the function goes on to free all of the memory that that
reader might want to use. So, rather, the proper shutdown flow is from
the application side, and looks like:
Closing = true;
SetEvent(WintunGetReadWaitEvent());
WaitForReadersToReturn();
WintunEndSession();
Alternatively, rather than using WaitForSingleObject on the read event,
consumers can WaitForMultipleObjects and include a shutdown event, which
is what the example code does.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| -rw-r--r-- | api/session.c | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/api/session.c b/api/session.c index ef65214..763dd83 100644 --- a/api/session.c +++ b/api/session.c @@ -154,7 +154,6 @@ out: void WINAPI WintunEndSession(_In_ TUN_SESSION *Session) { - SetEvent(Session->Descriptor.Send.TailMoved); // Wake the reader if it's sleeping. DeleteCriticalSection(&Session->Send.Lock); DeleteCriticalSection(&Session->Receive.Lock); CloseHandle(Session->Handle); |