Fix use-after-free condition when reconnecting silcd to router silcd.

This fixes a use-after-free bug wherein silcd can reuse the context on
the SilcPacketStream when we receive an EOS indication after the link
was terminated due to a timeout error.

diff --git a/apps/silcd/server.c b/apps/silcd/server.c
index dad1a44e268343eb98652e9c6366d526a42bb8a6..6cef2417d9c3ecd65a55f607390ff406e81c1ec9 100644 (file)
--- a/apps/silcd/server.c
+++ b/apps/silcd/server.c
@@ -233,7 +233,10 @@ SILC_TASK_CALLBACK(silc_server_packet_error_timeout)
 
   if (server->router_conn && server->router_conn->sock == stream &&
       !server->router && server->standalone) {
+    if (idata->sconn && idata->sconn->callback)
+      (*idata->sconn->callback)(server, NULL, idata->sconn->callback_context);
     silc_server_create_connections(server);
+    silc_server_free_sock_user_data(server, stream, NULL);
   } else {
     /* If backup disconnected then mark that resuming will not be allowed */
      if (server->server_type == SILC_ROUTER && !server->backup_router &&