Bug 1232670: Prepare Bluetooth PDU for sending after checking connection status, r=shuang

The PDU contains a pointer to the operation's result handler. If sending
fails, the result handler is supposed to handle an error. But the PDU
will go out of scope first and release the handler. The error delivery
then fails with a segmentation fault.
This commit is contained in:
Thomas Zimmermann 2015-12-16 13:27:47 +01:00
parent c7cfbb88ac
commit 989aaf55fc

View File

@ -145,15 +145,15 @@ BluetoothDaemonProtocol::Send(DaemonSocketPDU* aPDU,
MOZ_ASSERT(mConnection); MOZ_ASSERT(mConnection);
MOZ_ASSERT(aPDU); MOZ_ASSERT(aPDU);
aPDU->SetConsumer(this);
aPDU->SetResultHandler(aRes);
aPDU->UpdateHeader();
if (mConnection->GetConnectionStatus() == SOCKET_DISCONNECTED) { if (mConnection->GetConnectionStatus() == SOCKET_DISCONNECTED) {
BT_LOGR("Connection to Bluetooth daemon is closed."); BT_LOGR("Connection to Bluetooth daemon is closed.");
return NS_ERROR_FAILURE; return NS_ERROR_FAILURE;
} }
aPDU->SetConsumer(this);
aPDU->SetResultHandler(aRes);
aPDU->UpdateHeader();
mConnection->SendSocketData(aPDU); // Forward PDU to command channel mConnection->SendSocketData(aPDU); // Forward PDU to command channel
return NS_OK; return NS_OK;