From 74b8b6d65c1175a501abcf35fce51247565da7e9 Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Wed, 19 Sep 2018 12:14:53 -0700 Subject: [PATCH] watchlist: fix stale watchlist item processing All the watchlist notify macros were broken in that they did not check that the watchlist item was still valid before calling it. This only came into play when a watchlist was being notified and one of the notify functions removed an item from the same watchlist. It appears this was already thought of since watchlist_remove checks 'in_notify' and will mark the item's id as stale (0), but that id never got checked in the notify macros. This fixes testAdHoc valgrind warning: ==3347== Invalid read of size 4 ==3347== at 0x416612: eapol_rx_auth_packet (eapol.c:1871) ==3347== by 0x416DD4: __eapol_rx_packet (eapol.c:2334) ==3347== by 0x40725B: netdev_pae_read (netdev.c:3515) ==3347== by 0x440958: io_callback (io.c:123) ==3347== by 0x43FDED: l_main_iterate (main.c:376) ==3347== by 0x43FEAB: l_main_run (main.c:423) ==3347== by 0x40377A: main (main.c:489) ...
---
 src/watchlist.h | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/src/watchlist.h b/src/watchlist.h
index 3d878100..bafebca0 100644
--- a/src/watchlist.h
+++ b/src/watchlist.h
@@ -66,6 +66,8 @@ void __watchlist_prune_stale(struct watchlist *watchlist);
 for (; entry; entry = entry->next) { \
 struct watchlist_item *item = entry->data; \
 type t = item->notify; \
+ if (item->id == 0) \
+ continue; \
 t(args, item->notify_data); \
 } \
 (watchlist)->in_notify = false; \
@@ -83,6 +85,8 @@ void __watchlist_prune_stale(struct watchlist *watchlist);
 struct watchlist_item *item = entry->data; \
 type t = item->notify; \
 \
+ if (item->id == 0) \
+ continue; \
 if (!match(item, match_data)) \
 continue; \
 \
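Review bot: The unconditional `(watchlist)->in_notify = false;` after the loop in the `@@ -66,6 +66,8 @@` hunk means the new `item->id == 0` skip only protects the walk while no nested notification on the same watchlist has cleared the flag. If a callback can trigger one of these notify macros again for this watchlist (not visible here, worth confirming), the inner pass resets `in_notify`, and watchlist_remove would presumably stop marking items stale and release them while the outer loop still holds `entry`, which is the invalid read the commit message describes. Restoring the previous state instead of forcing false would cover that: `bool nested = (watchlist)->in_notify;` before the flag is set and `(watchlist)->in_notify = nested;` after the loop, with the stale prune left to the outermost pass. The same reset is visible in the `@@ -102,6 +106,8 @@` hunk; the start of each macro and its prune step lie outside the hunks.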
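Review bot: The stale test added in the `@@ -83,6 +85,8 @@` hunk sits directly above a second `if … continue;` pair and could be one guard, `if (item->id == 0 || !match(item, match_data))`, sharing the existing `continue;`. Short-circuit evaluation still keeps `match` from seeing an item that was removed earlier in the pass. A brief comment on that line, such as `/* id 0: removed during this notify pass */`, would record the sentinel, which is otherwise explained only in the commit message. The enclosing loop starts before this hunk and continues after it.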
@@ -102,6 +106,8 @@ void __watchlist_prune_stale(struct watchlist *watchlist);
 for (; entry; entry = entry->next) { \
 struct watchlist_item *item = entry->data; \
 type t = item->notify; \
+ if (item->id == 0) \
+ continue; \
 t(item->notify_data); \
 } \
 (watchlist)->in_notify = false; \