From d70c666549a9ee17de7349904529cf41bf023926 Mon Sep 17 00:00:00 2001 From: Alan Coopersmith Date: Sat, 30 Apr 2022 15:04:53 -0700 Subject: ConnectToPeer: be doubly sure that use-after-free doesn't happen This resolves an issue reported by the Oracle Parfait static analyzer: Error: Use after free Use after free [use-after-free] (CWE 416): Use after free of pointer trans_conn at line 566 of lib/libICE/src/connect.c in function 'ConnectToPeer'. trans_conn previously freed with _IceTransClose at line 532 trans_conn was allocated at line 525 with _IceTransOpenCOTSClient even though I believe this is already handled by the 'if (madeConnection) { ... } else trans_conn = NULL;' block, but the analyzer apparently doesn't follow that logic, while this simple change makes it obvious. Signed-off-by: Alan Coopersmith --- src/connect.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/connect.c b/src/connect.c index b39ca3c..b52b566 100644 --- a/src/connect.c +++ b/src/connect.c @@ -530,6 +530,7 @@ ConnectToPeer (char *networkIdsList, char **actualConnectionRet) if ((connect_stat = _IceTransConnect (trans_conn, address)) < 0) { _IceTransClose (trans_conn); + trans_conn = NULL; if (connect_stat == TRANS_TRY_CONNECT_AGAIN) { -- cgit v1.2.3
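Review bot: Nulling trans_conn right after _IceTransClose is the right defensive move, but the visible hunk ends before the TRANS_TRY_CONNECT_AGAIN branch, so please confirm that nothing between this assignment and the next _IceTransOpenCOTSClient dereferences trans_conn; with this change such a path would become a NULL-pointer dereference instead of a use-after-free, which is a safer failure but still a crash. Since the commit message notes that the later `if (madeConnection) { ... } else trans_conn = NULL;` block already covers this case, it is worth a short comment at the new line (e.g. `/* defensive: the madeConnection block below also clears this */`) so a future reader does not remove one of the two assignments believing the other is sufficient.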