
Make dl_list_first() and dl_list_last() uses easier for static analyzers

The previous check for dl_list_len() or having an entry from the list is
sufficient, but some static analyzers cannot figure out that
dl_list_first() and dl_list_last() will return non-NULL in this type of
case. Avoid invalid reports by explicitly checking for NULL.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 11 years ago
parent
commit
0bceb8d6f4
5 changed files with 23 additions and 16 deletions
  1. 1 1
      src/drivers/driver_test.c
  2. 2 2
      src/p2p/p2p.c
  3. 4 0
      src/wps/wps_upnp_ssdp.c
  4. 12 8
      src/wps/wps_upnp_web.c
  5. 4 5
      wpa_supplicant/p2p_supplicant.c

+ 1 - 1
src/drivers/driver_test.c

@@ -1906,7 +1906,7 @@ static void wpa_driver_test_scan_cmd(struct wpa_driver_test_data *drv,
 
 	/* data: optional [ STA-addr | ' ' | IEs(hex) ] */
 
-	if (!drv->ibss)
+	if (bss == NULL || !drv->ibss)
 		return;
 
 	pos = buf;

+ 2 - 2
src/p2p/p2p.c

@@ -4210,7 +4210,7 @@ p2p_get_peer_found(struct p2p_data *p2p, const u8 *addr, int next)
 				dev = dl_list_first(&dev->list,
 						    struct p2p_device,
 						    list);
-				if (&dev->list == &p2p->devices)
+				if (!dev || &dev->list == &p2p->devices)
 					return NULL;
 			} while (dev->flags & P2P_DEV_PROBE_REQ_ONLY);
 		}
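Review bot: The added `!dev` test in this check, and the identical one in the second hunk of this file, carries no comment saying it exists only to satisfy static analyzers, so a later reader may take it for a reachable case. Here `dl_list_first()` is applied to an entry's own `list` node to step to the next entry, and the effective end-of-list test is still the comparison against `&p2p->devices`. Going by the commit message, NULL is not expected at this point, so a one-line comment such as `/* NULL is not expected here; the check is for static analyzers */` above each `if` would record that. The enclosing function starts and ends outside the hunk.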
@@ -4222,7 +4222,7 @@ p2p_get_peer_found(struct p2p_data *p2p, const u8 *addr, int next)
 			dev = dl_list_first(&dev->list,
 					    struct p2p_device,
 					    list);
-			if (&dev->list == &p2p->devices)
+			if (!dev || &dev->list == &p2p->devices)
 				return NULL;
 		}
 	}

+ 4 - 0
src/wps/wps_upnp_ssdp.c

@@ -134,6 +134,8 @@ next_advertisement(struct upnp_wps_device_sm *sm,
 	*islast = 0;
 	iface = dl_list_first(&sm->interfaces,
 			      struct upnp_wps_device_interface, list);
+	if (!iface)
+		return NULL;
 	uuid_bin2str(iface->wps->uuid, uuid_string, sizeof(uuid_string));
 	msg = wpabuf_alloc(800); /* more than big enough */
 	if (msg == NULL)
@@ -587,6 +589,8 @@ static void ssdp_parse_msearch(struct upnp_wps_device_sm *sm,
 					&sm->interfaces,
 					struct upnp_wps_device_interface,
 					list);
+				if (!iface)
+					continue;
 				data += os_strlen("uuid:");
 				uuid_bin2str(iface->wps->uuid, uuid_string,
 					     sizeof(uuid_string));
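Review bot: The new `continue` in ssdp_parse_msearch() skips the `data += os_strlen("uuid:")` advance that follows it, so forward progress now depends entirely on the enclosing loop's own increment, which is outside this hunk. This function parses text received from the network, so it is worth confirming that the loop header advances `data` on every iteration, including this early exit. If it does, a short comment on the `continue`, for example `/* no interface available; skip this uuid: match */`, would make the intent clear.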

+ 12 - 8
src/wps/wps_upnp_web.c

@@ -179,15 +179,12 @@ static const char *wps_device_xml_postfix =
 /* format_wps_device_xml -- produce content of "file" wps_device.xml
  * (UPNP_WPS_DEVICE_XML_FILE)
  */
-static void format_wps_device_xml(struct upnp_wps_device_sm *sm,
+static void format_wps_device_xml(struct upnp_wps_device_interface *iface,
+				  struct upnp_wps_device_sm *sm,
 				  struct wpabuf *buf)
 {
 	const char *s;
 	char uuid_string[80];
-	struct upnp_wps_device_interface *iface;
-
-	iface = dl_list_first(&sm->interfaces,
-			      struct upnp_wps_device_interface, list);
 
 	wpabuf_put_str(buf, wps_device_xml_prefix);
 
@@ -319,6 +316,10 @@ static void web_connection_parse_get(struct upnp_wps_device_sm *sm,
 
 	iface = dl_list_first(&sm->interfaces,
 			      struct upnp_wps_device_interface, list);
+	if (iface == NULL) {
+		http_request_deinit(hreq);
+		return;
+	}
 
 	/*
 	 * It is not required that filenames be case insensitive but it is
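Review bot: When `iface` is NULL the new branch in web_connection_parse_get() calls `http_request_deinit(hreq)` and returns without logging anything, so a dropped GET leaves no trace in the debug output. If this path is believed unreachable, a line such as `wpa_printf(MSG_DEBUG, "WPS UPnP: No interface for GET request");` before the deinit would make it visible should it ever fire. The check is also spelled `iface == NULL` here while the other hunks in this commit use `!iface`; one spelling throughout would read better. The function continues outside the hunk, so it cannot be told from here whether other error paths send an HTTP error reply instead of dropping the request.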
@@ -391,7 +392,7 @@ static void web_connection_parse_get(struct upnp_wps_device_sm *sm,
 
 	switch (req) {
 	case GET_DEVICE_XML_FILE:
-		format_wps_device_xml(sm, buf);
+		format_wps_device_xml(iface, sm, buf);
 		break;
 	case GET_SCPD_XML_FILE:
 		wpabuf_put_str(buf, wps_scpd_xml);
@@ -419,13 +420,14 @@ web_process_get_device_info(struct upnp_wps_device_sm *sm,
 
 	iface = dl_list_first(&sm->interfaces,
 			      struct upnp_wps_device_interface, list);
-	peer = &iface->peer;
 
 	wpa_printf(MSG_DEBUG, "WPS UPnP: GetDeviceInfo");
 
-	if (iface->ctx->ap_pin == NULL)
+	if (!iface || iface->ctx->ap_pin == NULL)
 		return HTTP_INTERNAL_SERVER_ERROR;
 
+	peer = &iface->peer;
+
 	/*
 	 * Request for DeviceInfo, i.e., M1 TLVs. This is a start of WPS
 	 * registration over UPnP with the AP acting as an Enrollee. It should
@@ -473,6 +475,8 @@ web_process_put_message(struct upnp_wps_device_sm *sm, char *data,
 
 	iface = dl_list_first(&sm->interfaces,
 			      struct upnp_wps_device_interface, list);
+	if (!iface)
+		return HTTP_INTERNAL_SERVER_ERROR;
 
 	/*
 	 * PutMessage is used by external UPnP-based Registrar to perform WPS

+ 4 - 5
wpa_supplicant/p2p_supplicant.c

@@ -6781,7 +6781,7 @@ void wpas_p2p_new_psk_cb(struct wpa_supplicant *wpa_s, const u8 *mac_addr,
 {
 	struct wpa_ssid *ssid = wpa_s->current_ssid;
 	struct wpa_ssid *persistent;
-	struct psk_list_entry *p;
+	struct psk_list_entry *p, *last;
 
 	if (psk_len != sizeof(p->psk))
 		return;
@@ -6841,10 +6841,9 @@ void wpas_p2p_new_psk_cb(struct wpa_supplicant *wpa_s, const u8 *mac_addr,
 	}
 	os_memcpy(p->psk, psk, psk_len);
 
-	if (dl_list_len(&persistent->psk_list) > P2P_MAX_STORED_CLIENTS) {
-		struct psk_list_entry *last;
-		last = dl_list_last(&persistent->psk_list,
-				    struct psk_list_entry, list);
+	if (dl_list_len(&persistent->psk_list) > P2P_MAX_STORED_CLIENTS &&
+	    (last = dl_list_last(&persistent->psk_list,
+				 struct psk_list_entry, list))) {
 		wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Remove oldest PSK entry for "
 			MACSTR " (p2p=%u) to make room for a new one",
 			MAC2STR(last->addr), last->p2p);
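Review bot: Assigning `last` inside the `if` condition makes the block depend on `&&` short-circuiting, and `last` is now declared at function scope without an initializer, so it is indeterminate whenever the length test fails. Nothing in the visible lines reads it outside the block, but declaring it as `struct psk_list_entry *p, *last = NULL;` would keep a later edit from using an indeterminate pointer by accident. A short comment that the NULL test on `dl_list_last()` is there only for static analyzers would also help, since the length check already implies a non-empty list. The body of the `if` continues past the end of the hunk.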