[PATCH] Fix two new CIDs in the new tevent wrapper code

Ralph Böhme slow at samba.org
Tue Jul 17 11:02:37 UTC 2018 

Hi!

Patch attached, please review&push if happy. Thanks!

-slow

-- 
Ralph Boehme, Samba Team       https://samba.org/
Samba Developer, SerNet GmbH   https://sernet.de/en/samba/
GPG Key Fingerprint:           FAE2 C608 8A24 2520 51C5
                               59E4 AA1E 9B71 2639 9E46
-------------- next part --------------
From ecea2efa1c8f180d70fea257f16130d9211e52c8 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 17 Jul 2018 12:54:29 +0200
Subject: [PATCH 1/2] tevent: fix CID 1437976 dereference before null check

Signed-off-by: Ralph Boehme <slow at samba.org>
---
 lib/tevent/tevent_threads.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/tevent/tevent_threads.c b/lib/tevent/tevent_threads.c
index 21a9b686ba9..a89990f231a 100644
--- a/lib/tevent/tevent_threads.c
+++ b/lib/tevent/tevent_threads.c
@@ -473,7 +473,7 @@ void _tevent_threaded_schedule_immediate(struct tevent_threaded_context *tctx,
 #ifdef HAVE_PTHREAD
 	const char *create_location = im->create_location;
 	struct tevent_context *main_ev = NULL;
-	struct tevent_wrapper_glue *glue = tctx->event_ctx->wrapper.glue;
+	struct tevent_wrapper_glue *glue = NULL;
 	int ret, wakeup_fd;
 
 	ret = pthread_mutex_lock(&tctx->event_ctx_mutex);
@@ -492,6 +492,8 @@ void _tevent_threaded_schedule_immediate(struct tevent_threaded_context *tctx,
 		return;
 	}
 
+	glue = tctx->event_ctx->wrapper.glue;
+
 	if ((im->event_ctx != NULL) || (handler == NULL)) {
 		abort();
 	}
-- 
2.13.6


From edda4416d523013f5d94bba1e488e1ad65416018 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 17 Jul 2018 12:59:50 +0200
Subject: [PATCH 2/2] tevent: fix CID 1437974 dereference after null check

Probably a copy/paste error from the tevent_debug() statement a few
lines above as at this place we want to pass main_ev directly to
tevent_debug() anyway.

Signed-off-by: Ralph Boehme <slow at samba.org>
---
 lib/tevent/tevent_wrapper.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/tevent/tevent_wrapper.c b/lib/tevent/tevent_wrapper.c
index 05c4c06968a..a07696af0a4 100644
--- a/lib/tevent/tevent_wrapper.c
+++ b/lib/tevent/tevent_wrapper.c
@@ -347,7 +347,7 @@ struct tevent_context *_tevent_context_wrapper_create(struct tevent_context *mai
 		/*
 		 * wrappers conflict with nesting
 		 */
-		tevent_debug(main_ev->wrapper.glue->main_ev, TEVENT_DEBUG_FATAL,
+		tevent_debug(main_ev, TEVENT_DEBUG_FATAL,
 			     "%s: %s() conflicts with nesting\n",
 			     __func__, location);
 		errno = EINVAL;
-- 
2.13.6

More information about the samba-technical mailing list