Prevent continuing of an already finished FSM.

Another fix for another crash relating to misuse of FSM and callback logic in
the SKE library.

diff --git a/lib/silcske/silcske.c b/lib/silcske/silcske.c
index 9cb98f71b5929085d2b0a2a394baabb6b00c51b6..1987ffc279f737dcb91d2ee65f1ff4df4941dec2 100644 (file)
--- a/lib/silcske/silcske.c
+++ b/lib/silcske/silcske.c
@@ -968,6 +968,7 @@ static void silc_ske_finished(SilcFSM fsm, void *fsm_context,
                              void *destructor_context)
 {
   SilcSKE ske = fsm_context;
+  ske->fsm_finished = TRUE;
     silc_ske_free(ske);
 }
 
@@ -1046,7 +1047,10 @@ void silc_ske_free(SilcSKE ske)
 
       silc_ske_notify_failure(ske);
 
-      silc_fsm_continue_sync(&ske->fsm);
+      if (!ske->fsm_finished)
+         silc_fsm_continue_sync(&ske->fsm);
+      else
+         SILC_LOG_DEBUG(("Not continuing FSM as it's finished for SKE %p", ske));
     }
 
   ske->refcnt--;

diff --git a/lib/silcske/silcske_i.h b/lib/silcske/silcske_i.h
index 4473284b70d7362b0d903c69cbb384ee8ce88212..572b0837fbc368f0aa3f1f8162546b7fef627de0 100644 (file)
--- a/lib/silcske/silcske_i.h
+++ b/lib/silcske/silcske_i.h
@@ -94,6 +94,7 @@ struct SilcSKEStruct {
   unsigned int responder        : 1;         /* Set when we are responder side */
   unsigned int rekeying         : 1;         /* Set when rekeying */
   unsigned int failure_notified : 1;         /* Set to indicate that we already called the failure notify routine */
+  unsigned int fsm_finished     : 1;         /* Set when we're in FSM teardown */
 };
 
 #endif /* SILCSKE_I_H */