diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2009-02-25 17:09:56 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2009-02-25 17:09:56 +0000 |
| commit | 04be85b2d4ff2fa7648abd57f75508dc582f13e9 (patch) | |
| tree | 528c57da548498cdf0d836792ae0a8104a55545b /usr.sbin/ripd | |
| parent | b31a8aca88f7587c56c5d91a933889cfcd19ff2f (diff) | |
Fix an invalid pointer dereference in control_close(). If control_connbyfd()
fails -- which should never happen -- the function does not return and is
accession the NULL set control pointer later on.
Found by Matthew Haub. OK deraadt@
Diffstat (limited to 'usr.sbin/ripd')
| -rw-r--r-- | usr.sbin/ripd/control.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/usr.sbin/ripd/control.c b/usr.sbin/ripd/control.c index 78a0b81380b..9cee5dec02e 100644 --- a/usr.sbin/ripd/control.c +++ b/usr.sbin/ripd/control.c @@ -1,4 +1,4 @@ -/* $OpenBSD: control.c,v 1.6 2008/01/31 12:17:35 henning Exp $ */ +/* $OpenBSD: control.c,v 1.7 2009/02/25 17:09:55 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -170,8 +170,10 @@ control_close(int fd) { struct ctl_conn *c; - if ((c = control_connbyfd(fd)) == NULL) + if ((c = control_connbyfd(fd)) == NULL) { log_warn("control_close: fd %d: not found", fd); + return; + } msgbuf_clear(&c->ibuf.w); TAILQ_REMOVE(&ctl_conns, c, entry); |