[PATCH 07/13] connection: Avoid stale memory access

Jukka Rissanen jukka.rissanen at linux.intel.com
Thu Feb 2 04:54:23 PST 2012


Get the active gateway pointer only after the gateway hash
has been manipulated by add_gateway(). It is possible that
we are accessing a stale pointer otherwise.
---
 src/connection.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/src/connection.c b/src/connection.c
index 545b59f..e4e21d6 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -567,11 +567,12 @@ int __connman_connection_gateway_add(struct connman_service *service,
 	DBG("service %p index %d gateway %s vpn ip %s type %d",
 		service, index, gateway, peer, type);
 
-	active_gateway = find_active_gateway();
 	new_gateway = add_gateway(service, index, gateway, type);
 	if (new_gateway == NULL)
 		return -EINVAL;
 
+	active_gateway = find_active_gateway();
+
 	DBG("active %p index %d new %p", active_gateway,
 		active_gateway ? active_gateway->index : -1, new_gateway);
 
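Review bot: The moved find_active_gateway() call in __connman_connection_gateway_add() now depends on running after add_gateway(), but nothing at the call site records that, so a later cleanup could move it back above add_gateway() and reintroduce the stale pointer. Please add a short comment above the new "active_gateway = find_active_gateway();" line stating that add_gateway() can modify the gateway hash and that the lookup must therefore come after it. The DBG() right below dereferences active_gateway->index, so this is the first place a stale pointer would be read. It would also help if the commit message said which add_gateway() path invalidates the old entry, since that is not visible from this hunk.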
-- 
1.7.1



