From: Jérémie Galarneau Date: Thu, 12 Sep 2019 14:23:23 +0000 (-0400) Subject: lttng-sessiond: clean-up: set free'd pointer to NULL X-Git-Tag: v2.11.0-rc4~45 X-Git-Url: https://git.lttng.org./?a=commitdiff_plain;h=3577d7d8ecbe2ded93572fcf38ea555bd3d04722;p=lttng-tools.git lttng-sessiond: clean-up: set free'd pointer to NULL Set the wait_node and ust_cmd pointers to NULL after they have been free'd to make this function easier to follow. This may also help scan-build analyze this function as it gets confused about the values of those variables. Currently, scan-build (clang 8.0.1) reports a use-after free of both variables when 'app' is simultaneously null and non-null... you read that right. Signed-off-by: Jérémie Galarneau --- diff --git a/src/bin/lttng-sessiond/dispatch.c b/src/bin/lttng-sessiond/dispatch.c index a637f23de..bfe4455b5 100644 --- a/src/bin/lttng-sessiond/dispatch.c +++ b/src/bin/lttng-sessiond/dispatch.c @@ -304,6 +304,7 @@ static void *thread_dispatch_ust_registration(void *data) } lttng_fd_put(LTTNG_FD_APPS, 1); free(ust_cmd); + ust_cmd = NULL; goto error; } CDS_INIT_LIST_HEAD(&wait_node->head); @@ -318,7 +319,9 @@ static void *thread_dispatch_ust_registration(void *data) } lttng_fd_put(LTTNG_FD_APPS, 1); free(wait_node); + wait_node = NULL; free(ust_cmd); + ust_cmd = NULL; continue; } /* @@ -329,6 +332,7 @@ static void *thread_dispatch_ust_registration(void *data) wait_queue.count++; free(ust_cmd); + ust_cmd = NULL; /* * We have to continue here since we don't have the notify * socket and the application MUST be added to the hash table @@ -349,6 +353,7 @@ static void *thread_dispatch_ust_registration(void *data) wait_queue.count--; app = wait_node->app; free(wait_node); + wait_node = NULL; DBG3("UST app notify socket %d is set", ust_cmd->sock); break; } @@ -367,6 +372,7 @@ static void *thread_dispatch_ust_registration(void *data) lttng_fd_put(LTTNG_FD_APPS, 1); } free(ust_cmd); + ust_cmd = NULL; } if (app) {