Properly NULL-out blacklist in alloc_ippool_blacklist()
This ensures that in case of error, any caller can still safely
call talloc_free() on the blacklist pointerm as free on NULL
is well-defined. With the code prior to this patch we fear
a double-free.
Change-Id: Idc511cb3f0dfb922920aba8f88ea77df1722ecdc
diff --git a/ggsn/ggsn.c b/ggsn/ggsn.c
index 45b3116..4af044e 100644
--- a/ggsn/ggsn.c
+++ b/ggsn/ggsn.c
@@ -152,26 +152,30 @@
int flags, len, len2, i;
+ *blacklist = NULL;
+
if (ipv6)
flags = IP_TYPE_IPv6_NONLINK;
else
flags = IP_TYPE_IPv4;
while (1) {
- len = tun_ip_local_get(apn->tun.tun, NULL, 0, flags);
+ len = netdev_ip_local_get(apn->tun.cfg.dev_name, NULL, 0, flags);
if (len < 1)
return len;
*blacklist = talloc_zero_size(apn, len * sizeof(struct in46_prefix));
- len2 = tun_ip_local_get(apn->tun.tun, *blacklist, len, flags);
+ len2 = netdev_ip_local_get(apn->tun.cfg.dev_name, *blacklist, len, flags);
if (len2 < 1) {
talloc_free(*blacklist);
+ *blacklist = NULL;
return len2;
}
- if (len2 > len) /* iface was added between 2 calls, repeat operation */
+ if (len2 > len) { /* iface was added between 2 calls, repeat operation */
talloc_free(*blacklist);
- else
+ *blacklist = NULL;
+ } else
break;
}