From 72d54b68a69f441040388f2fbd42c83107741197 Mon Sep 17 00:00:00 2001 From: David Cermak Date: Wed, 15 Jan 2020 16:09:18 +0100 Subject: [PATCH] lwip: dhcp-server fix static analysis warnings 1) kill_oldest_dhcps_pool() is only called when list has at least two members (assured with kconfig value limit), added assertion to ensure this function is used only when prerequisities are met 2) use after free reported in two places, since the analyzer checks also the scenario when the linked list has loops, added ignore tags --- components/lwip/apps/dhcpserver/dhcpserver.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/components/lwip/apps/dhcpserver/dhcpserver.c b/components/lwip/apps/dhcpserver/dhcpserver.c index 5052b6741..03c17ad9d 100644 --- a/components/lwip/apps/dhcpserver/dhcpserver.c +++ b/components/lwip/apps/dhcpserver/dhcpserver.c @@ -253,11 +253,13 @@ void node_remove_from_list(list_node **phead, list_node *pdelete) *phead = NULL; } else { if (plist == pdelete) { - *phead = plist->pnext; + // Note: Ignoring the "use after free" warnings, as it could only happen + // if the linked list contains loops + *phead = plist->pnext; // NOLINT(clang-analyzer-unix.Malloc) pdelete->pnext = NULL; } else { while (plist != NULL) { - if (plist->pnext == pdelete) { + if (plist->pnext == pdelete) { // NOLINT(clang-analyzer-unix.Malloc) plist->pnext = pdelete->pnext; pdelete->pnext = NULL; } @@ -1216,6 +1218,7 @@ static void kill_oldest_dhcps_pool(void) list_node *minpre = NULL, *minp = NULL; struct dhcps_pool *pdhcps_pool = NULL, *pmin_pool = NULL; pre = plist; + assert(pre != NULL && pre->pnext != NULL); // Expect the list to have at least 2 nodes p = pre->pnext; minpre = pre; minp = p;