quic: fix memory leak & crash on connection delete 86/32386/1
authorDave Wallace <dwallacelf@gmail.com>
Wed, 19 May 2021 20:37:58 +0000 (16:37 -0400)
committerDave Wallace <dwallacelf@gmail.com>
Wed, 19 May 2021 21:22:13 +0000 (17:22 -0400)
- quicly conn struct leaked on connection delete
- Occasionally connection delete is called twice
  before connection is closed which caused a crash.

Type: fix

Change-Id: Ifaaaeda55f71d58c97fa4d6652bda60a3efd4b69
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
src/plugins/quic/quic.c

index 4ca42b9..6bdc17d 100644 (file)
@@ -572,6 +572,12 @@ quic_connection_delete (quic_ctx_t * ctx)
   clib_bihash_kv_16_8_t kv;
   quicly_conn_t *conn;
 
+  if (ctx->conn == NULL)
+    {
+      QUIC_DBG (2, "Skipping redundant delete of connection %u",
+               ctx->c_c_index);
+      return;
+    }
   QUIC_DBG (2, "Deleting connection %u", ctx->c_c_index);
 
   QUIC_ASSERT (!quic_ctx_is_stream (ctx));
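Review bot: The new `ctx->conn == NULL` guard runs before `QUIC_ASSERT (!quic_ctx_is_stream (ctx))`, so a stream ctx passed here by mistake has its `conn` field tested before the assertion can reject it; moving the assert above the guard keeps that check first. The guard also makes a repeated delete safe only while `ctx` itself is still allocated, and the ctx lifetime is not visible in this hunk. I would record that above the check, e.g. `/* A second delete can arrive before close: ctx->conn is cleared by the first one, ctx must still be live here. */`. The skip is reported through `QUIC_DBG (2, ...)` only, which appears to be a debug-level message, so the double call described in the commit message may stay unnoticed in normal builds. The function body continues outside the hunk.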
@@ -587,8 +593,8 @@ quic_connection_delete (quic_ctx_t * ctx)
 
   quic_disconnect_transport (ctx);
 
-  if (ctx->conn)
-    quicly_free (ctx->conn);
+  if (conn)
+    quicly_free (conn);
   session_transport_delete_notify (&ctx->connection);
 }
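Review bot: The `if (conn)` test before `quicly_free (conn)` looks redundant now. If `conn` is the copy of `ctx->conn` taken earlier in the function (the assignment lies between the two hunks and is not shown), the early return added at the top already guarantees it is non-NULL at this point. Either call `quicly_free (conn);` unconditionally or keep the test and state what it protects against. A short comment such as `/* ctx->conn was cleared above, so free the saved pointer */` would also record why the local is used and help keep the leak from being reintroduced.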