this case the bug was that server_terminate_connection() destroys the
server context, which in turn cascades down to destroy all current
request contexts, so we mustn't then try to destroy the request
structure a second time.
(This used to be commit
28a647f681e2166c01f7ac59b16305676d5caa71)
status = socket_send(req->smb_conn->connection->socket, req, &tmp_blob, &sendlen, SOCKET_FLAG_BLOCK);
if (!NT_STATUS_IS_OK(status) || (req->out.size != sendlen)) {
smbsrv_terminate_connection(req->smb_conn, "failed to send reply\n");
+ return;
}
req_destroy(req);
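Review bot: The added `return;` in the send-failure branch carries no comment explaining why `req_destroy(req)` must be skipped. Nothing visible in the hunk shows that `smbsrv_terminate_connection()` has already freed `req`, so a later cleanup could remove the early return or add code after the call that touches `req`, bringing the double destroy back. A one-line comment above the `return;` stating that the terminate call tears down all request contexts, including this one, would make that clear. The commit message also names `server_terminate_connection()` while the hunk calls `smbsrv_terminate_connection()`; the message should use the name that appears in the code.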