From 01dcf7e9ac2c7d8bec3bbc69b44d1f83b3dfa44e Mon Sep 17 00:00:00 2001
From: Richard Cochran
Date: Sun, 1 Nov 2015 12:30:51 +0100
Subject: [PATCH] Properly initialize the message lists.
The message lists are implemented using a TAILQ from queue(3). The heads of the list must be initialized using the provided macros, since the field called 'tqh_last' is non-zero in the initial state. This patch fixes a potential null pointer dereference by properly initializing the queues. Note that there is no actual bug in the current code, because it uses the lists in such a way as to initialize 'tqh_last' before any dereference.
Signed-off-by: Richard Cochran
---
 msg.c | 2 +-
 port.c | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/msg.c b/msg.c
index 06a3812..a38b815 100644
--- a/msg.c
+++ b/msg.c
@@ -42,7 +42,7 @@ struct message_storage {
 struct ptp_message msg;
 } PACKED;
-static TAILQ_HEAD(msg_pool, ptp_message) msg_pool;
+static TAILQ_HEAD(msg_pool, ptp_message) msg_pool = TAILQ_HEAD_INITIALIZER(msg_pool);
 static struct {
 int total;
diff --git a/port.c b/port.c
index 3f32433..93a79b1 100644
--- a/port.c
+++ b/port.c
@@ -376,6 +376,7 @@ static int add_foreign_master(struct port *p, struct ptp_message *m)
 return 0;
 }
 memset(fc, 0, sizeof(*fc));
+ TAILQ_INIT(&fc->messages);
 LIST_INSERT_HEAD(&p->foreign_masters, fc, list);
 fc->port = p;
 fc->dataset.sender = m->header.sourcePortIdentity;
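Review bot: The new `msg_pool` definition in msg.c runs to roughly 85 columns and carries no comment saying why a static, zero-filled head is not good enough. If the project keeps to 80 columns, break it after the `=` as `static TAILQ_HEAD(msg_pool, ptp_message) msg_pool =` followed by an indented `TAILQ_HEAD_INITIALIZER(msg_pool);`. A one-line comment such as `/* tqh_last must point at tqh_first; TAILQ_INSERT_TAIL writes through it. */` would keep a later cleanup from dropping the initializer as redundant and reintroducing the NULL write the commit message describes.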
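Review bot: `TAILQ_INIT(&fc->messages)` in add_foreign_master is only correct because it runs after the `memset`, and nothing in the hunk records that ordering dependency. If the two lines are ever swapped, or the allocation switches to a zeroing allocator and the init is dropped as redundant, `tqh_last` is NULL again and a tail insert on the empty list writes through it. I would add `/* memset() leaves tqh_last NULL; the head must be initialized after it. */` above the new line. The function starts and ends outside the hunk, so the allocation of `fc` and the later uses of `fc->messages` are not visible here. Any other TAILQ heads embedded in structures that are zeroed the same way presumably want the same treatment.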