Android 5.1.1 release 4
Fixup existing listeners struct irec pointers.
This fixes a difficult to diagnose bug in which when closing old
listeners and creating new listeners, any listeners which stick
around are regrettably left with their iface pointer pointing to
a struct irec that is free()d at the end of the set_interfaces()
call.
This results in a situation where subsequent malloc()s can reuse
this memory which, when written to, corrupts the listener's concept
of its listening address (by overwriting iface.addr).
This mean that when this listener is later closed because, say,
tethering on its interface has been removed, the close logic is
comparing IPv4 socket addresses with possible garbage, resulting
in the socket not being closed because no matching listening
address is found.
Because the socket is never closed, if the interface is later
re-added the bind() to the interface address fails with
EADDRINUSE.
Also: fix a bogus memset() invocation.
Bug: 17475756
Change-Id: I369dcd50b1d03db279fdb2c1d7f0e048df21be65
1 file changed
