From 7171512cd4f31b3c2dc5c135bd48e278ea2e2d0d Mon Sep 17 00:00:00 2001
From: Dimitri Staessens
Date: Mon, 28 May 2018 15:55:13 +0200
Subject: ipcpd: Avoid false positive use-after-free in DHT

The static analyzer misses the linked list logic. An assertion is added that indicates that the pointer was changed indirectly by the previous element.

Signed-off-by: Dimitri Staessens
Signed-off-by: Sander Vrijders
---
 src/ipcpd/normal/dht.c | 1 +
 1 file changed, 1 insertion(+)
(limited to 'src/ipcpd/normal')

diff --git a/src/ipcpd/normal/dht.c b/src/ipcpd/normal/dht.c
index 917cbc15..069b89d5 100644
--- a/src/ipcpd/normal/dht.c
+++ b/src/ipcpd/normal/dht.c
@@ -863,6 +863,7 @@ static void lookup_update(struct dht * dht,
 d = list_last_entry(&lu->contacts, struct contact, next);
 list_del(&d->next);
+ assert(lu->contacts.prv != &d->next);
 contact_destroy(d);
 mod = true;
 }
--
cgit v1.2.3
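Review bot: The added `assert(lu->contacts.prv != &d->next);` between `list_del(&d->next)` and `contact_destroy(d)` carries no comment, so its role as a static-analyzer hint is recorded only in the commit message and a later cleanup could remove it as redundant. I would put a short comment above it, for example `/* list_del() relinked contacts.prv; shows the analyzer that d is unlinked before it is freed. */`. Because `assert` expands to nothing when `NDEBUG` is defined, the line adds no runtime check in release builds and presumably only helps the analyzer when it runs on a configuration without `NDEBUG`. The body of lookup_update starts and ends outside the hunk, so whether `lu->contacts` is traversed again after `contact_destroy(d)` cannot be confirmed from here.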