Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-ggsn / e2a1de5ca5ca1f7c03955fc36d7c62dc9e91d8cb^! / . / ggsn / ggsn.c
commite2a1de5ca5ca1f7c03955fc36d7c62dc9e91d8cb[log] [tgz]
authorHarald Welte <laforge@gnumonks.org>Wed Nov 08 15:24:07 2017 +0900
committerHarald Welte <laforge@gnumonks.org>Mon Nov 13 23:57:58 2017 +0900
tree5f7be5842c691255eb90262c5d8f9837c7b24e22
parent4c7d29107ff6f1f2c1e1649bc950bd098148be1a [diff] [blame]
Properly NULL-out blacklist in alloc_ippool_blacklist()

This ensures that in case of error, any caller can still safely
call talloc_free() on the blacklist pointerm as free on NULL
is well-defined.  With the code prior to this patch we fear
a double-free.

Change-Id: Idc511cb3f0dfb922920aba8f88ea77df1722ecdc

diff --git a/ggsn/ggsn.c b/ggsn/ggsn.c
index 45b3116..4af044e 100644
--- a/ggsn/ggsn.c
+++ b/ggsn/ggsn.c

@@ -152,26 +152,30 @@
 
 	int flags, len, len2, i;
 
+	*blacklist = NULL;
+
 	if (ipv6)
 		flags = IP_TYPE_IPv6_NONLINK;
 	else
 		flags = IP_TYPE_IPv4;
 
 	while (1) {
-		len = tun_ip_local_get(apn->tun.tun, NULL, 0, flags);
+		len = netdev_ip_local_get(apn->tun.cfg.dev_name, NULL, 0, flags);
 		if (len < 1)
 			return len;
 
 		*blacklist = talloc_zero_size(apn, len * sizeof(struct in46_prefix));
-		len2 = tun_ip_local_get(apn->tun.tun, *blacklist, len, flags);
+		len2 = netdev_ip_local_get(apn->tun.cfg.dev_name, *blacklist, len, flags);
 		if (len2 < 1) {
 			talloc_free(*blacklist);
+			*blacklist = NULL;
 			return len2;
 		}
 
-		if (len2 > len) /* iface was added between 2 calls, repeat operation */
+		if (len2 > len) { /* iface was added between 2 calls, repeat operation */
 			talloc_free(*blacklist);
-		else
+			*blacklist = NULL;
+		} else
 			break;
 	}