![]() If wait_for_nfs_reply() times out, nfs_mount can return with RPCs still pending. In that case when the RPCs complete (perhaps because someone calls destroy_context()), the callbacks run, and private_data is pointing at what was the stack-allocated cb_data structure. Stack smashing and segfaulty fun ensue. Fix by ensuring no RPCs are pending before returning from nfs_mount() by disconnecting on errors. |
||
---|---|---|
.. | ||
Makefile.am | ||
init.c | ||
libnfs-sync.c | ||
libnfs-win32.def | ||
libnfs-zdr.c | ||
libnfs.c | ||
pdu.c | ||
socket.c |