[asterisk-dev] [Code Review] Make AST_LIST_REMOVE safer

David Vossel reviewboard at asterisk.org
Fri Jul 15 13:58:05 CDT 2011


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/1321/#review3881
-----------------------------------------------------------



/branches/1.8/include/asterisk/linkedlists.h
<https://reviewboard.asterisk.org/r/1321/#comment7704>

    These two changes could be avoided by a catch all at the beginning of the macro.
    
    if (!elm) {
        __res = elm
    } else if (head->first == (elm))
    ...
    } else {
    ...
    }
    
    
    if (__res) {
    ...
    {
    
    (__res);


- David


On July 15, 2011, 1:36 p.m., Terry Wilson wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/1321/
> -----------------------------------------------------------
> 
> (Updated July 15, 2011, 1:36 p.m.)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Summary
> -------
> 
> AST_LIST_REMOVE sometimes modifies elements that are passed in for comparison, even if they aren't actually found in the list. There are three cases where this can happen. 1) The element is set to NULL in which case Asterisk will crash or 2) The element is a previously freed element in which case Asterisk may crash or 3) The element is a valid element, but not in the list in which case Asterisk will happily set that elements 'next' pointer to NULL effectively truncating whatever list it may have been a member of.
> 
> I will make comments for each of the changes in-line.
> 
> 
> This addresses bug ASTERISK-17917.
>     https://issues.asterisk.org/jira/browse/ASTERISK-17917
> 
> 
> Diffs
> -----
> 
>   /branches/1.8/include/asterisk/linkedlists.h 328380 
>   /branches/1.8/tests/test_linkedlists.c PRE-CREATION 
> 
> Diff: https://reviewboard.asterisk.org/r/1321/diff
> 
> 
> Testing
> -------
> 
> This also adds a set of linked list tests. Asterisk would crash when the test was run on the old code, and does not do so with the new. All tests pass.
> 
> 
> Thanks,
> 
> Terry
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20110715/7b1c0249/attachment.htm>


More information about the asterisk-dev mailing list