From 44836ef509c7f4302ec10b46935e7eceba98b995 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rge=20Dijkstra?= Date: Sun, 14 Jan 2018 23:49:37 +0100 Subject: [PATCH] Fix double free of message buffer. Message buffer `why` is allocated in the `peer` context and also freed when peer is freed. Only explicitly free the buffer when peer itself is not freed yet. --- lightningd/peer_control.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lightningd/peer_control.c b/lightningd/peer_control.c index ee85da6d6..2de0b7c5a 100644 --- a/lightningd/peer_control.c +++ b/lightningd/peer_control.c @@ -208,11 +208,11 @@ void peer_fail_permanent(struct peer *peer, const char *fmt, ...) } peer_set_owner(peer, NULL); - if (peer_persists(peer)) + if (peer_persists(peer)) { drop_to_chain(peer); - else + tal_free(why); + } else free_peer(peer, why); - tal_free(why); } void peer_internal_error(struct peer *peer, const char *fmt, ...)