Don't use reference counting in isc_timer unit (!6067) · Merge requests · ISC Open Source Projects / BIND

Ondřej Surý requested to merge 3252-stop-timer-before-detach into main Apr 01, 2022

The reference counting and isc_timer_attach()/isc_timer_detach() semantic are actually misleading because it cannot be used under normal conditions. The usual conditions under which is timer used uses the object where timer is used as argument to the "timer" itself. This means that when the caller is using isc_timer_detach() it needs the timer to stop and the isc_timer_detach() does that only if this would be the last reference. Unfortunately, this also means that if the timer is attached elsewhere and the timer is fired it will most likely be use-after-free, because the object used in the timer no longer exists.

Remove the reference counting from the isc_timer unit, remove isc_timer_attach() function and rename isc_timer_detach() to isc_timer_destroy() to better reflect how the API needs to be used.

Closes #3252 (closed)

Don't use reference counting in isc_timer unit

Merge request reports