Fix unix/transport.queue reference leaks.

Fix two leaks for connectionless Unix sockets:
* Double connect: Subsequent connects would leak a reference on the previously
  connected endpoint.
* Close unconnected: Sockets which were not connected at the time of closure
  would leak a reference on their receiver.

PiperOrigin-RevId: 256070451

1 files changed, 12 insertions, 14 deletions

diff --git a/pkg/sentry/socket/unix/transport/connectionless.go b/pkg/sentry/socket/unix/transport/connectionless.go
index c591f261d..c7f7c5b16 100644
--- a/pkg/sentry/socket/unix/transport/connectionless.go
+++ b/pkg/sentry/socket/unix/transport/connectionless.go
@@ -54,29 +54,24 @@ func (e *connectionlessEndpoint) isBound() bool {
 
 // Close puts the endpoint in a closed state and frees all resources associated
 // with it.
-//
-// The socket will be a fresh state after a call to close and may be reused.
-// That is, close may be used to "unbind" or "disconnect" the socket in error
-// paths.
 func (e *connectionlessEndpoint) Close() {
 	e.Lock()
-	var r Receiver
-	if e.Connected() {
-		e.receiver.CloseRecv()
-		r = e.receiver
-		e.receiver = nil
-
+	if e.connected != nil {
 		e.connected.Release()
 		e.connected = nil
 	}
+
 	if e.isBound() {
 		e.path = ""
 	}
+
+	e.receiver.CloseRecv()
+	r := e.receiver
+	e.receiver = nil
 	e.Unlock()
-	if r != nil {
-		r.CloseNotify()
-		r.Release()
-	}
+
+	r.CloseNotify()
+	r.Release()
 }
 
 // BidirectionalConnect implements BoundEndpoint.BidirectionalConnect.
@@ -139,6 +134,9 @@ func (e *connectionlessEndpoint) Connect(ctx context.Context, server BoundEndpoi
 	}
 
 	e.Lock()
+	if e.connected != nil {
+		e.connected.Release()
+	}
 	e.connected = connected
 	e.Unlock()