From ac1537089af07b51bdae5ba9e843f4ceb46a6f96 Mon Sep 17 00:00:00 2001
From: ulfvonbelow <strilen@tilde.club>
Date: Sun, 29 Jan 2023 06:24:16 -0600
Subject: [PATCH] NAMESTORE: avoid use-after-free in handle_record_result.

---
 src/namestore/namestore_api.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/namestore/namestore_api.c b/src/namestore/namestore_api.c
index df6ba1f33..2c5efb745 100644
--- a/src/namestore/namestore_api.c
+++ b/src/namestore/namestore_api.c
@@ -619,11 +619,17 @@ handle_record_result (void *cls, const struct RecordResultMessage *msg)
     }
     if (NULL != ze)
     {
-      if (NULL != ze->proc)
-        ze->proc (ze->proc_cls, &private_key, name, rd_count, rd);
-      if (NULL != ze->proc2)
-        ze->proc2 (ze->proc_cls, &private_key, name,
-                   rd_count, rd, GNUNET_TIME_absolute_ntoh (msg->expire));
+      // Store them here because a callback could free ze
+      GNUNET_NAMESTORE_RecordMonitor proc;
+      GNUNET_NAMESTORE_RecordSetMonitor proc2;
+      void *proc_cls = ze->proc_cls;
+      proc = ze->proc;
+      proc2 = ze->proc2;
+      if (NULL != proc)
+        proc (proc_cls, &private_key, name, rd_count, rd);
+      if (NULL != proc2)
+        proc2 (proc_cls, &private_key, name,
+               rd_count, rd, GNUNET_TIME_absolute_ntoh (msg->expire));
       return;
     }
   }
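Review bot: The `proc2 (proc_cls, ...)` call still runs after `proc` has returned, so if `proc` freed `ze` and the caller released its closure at the same time, `proc2` receives a dangling `proc_cls`; the cached copies only remove the read of `ze` itself. Whether both callbacks can be set on one entry is not visible in this hunk. If they are mutually exclusive, state that in the comment, e.g. `/* Cache before calling: a callback may free ze; only one of proc/proc2 is expected to be set. */`, or make the second test `else if (NULL != proc2)`. The body of handle_record_result starts and ends outside the hunk, so how `ze` is looked up and who else may free it could not be checked here.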
-- 
2.38.1

