Fix: crash when joining a server again after a TCP disconnect #9453
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation / Problem
This PR tries to fix this. But it isn't simple :P
Description
A while back we untangled
CloseConnection
andCloseSocket
in theNetworkTCPSocketHandler
. Sadly, it seems that we didn't look close enough to how clients handle disconnects. But honestly, I suspect this has been broken for many years already; it was just hiding, as it "mostly" will be fine for release builds (lack of asserts etc).The problem really is: when the TCP connection is terminated,
SendPackets
notices this, calls theCloseConnection(bool)
, which no longer called theCloseConnection(status)
. SoClientNetworkGameSocketHandler::CloseConnection
was never called anymore, which is the only place that can freemy_client
.The comment in
ClientNetworkGameSocketHandler::CloseConnection
is outdated:sock
can never becomeINVALID_SOCKET
anymore, unless the object is destroyed. Instead, we have a flag to indicate the socket is closed. But either way, when called, it should destroymy_client
.This creates another use-after-free, as
ClientNetworkGameSocketHandler::Send
callsSendPackets
, which can cause the free to happen, but usesmy_client
after that again. So this is now guarded too.Still with me? Yeah, it took me a while too to untangle this mess. I hope this explanation helped you a bit :)
Limitations
Checklist for review
Some things are not automated, and forgotten often. This list is a reminder for the reviewers.