Make dl_list_first() and dl_list_last() uses easier for static analyzers

The previous check for dl_list_len() or having an entry from the list is
sufficient, but some static analyzers cannot figure out that
dl_list_first() and dl_list_last() will return non-NULL in this type of
cases. Avoid invalid reports by explicitly checking for NULL.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/drivers/driver_test.c b/src/drivers/driver_test.c
index 1b13d3d23f6296ec4baf501d2ae5c3cadfadd8c0..3608b5228c8d720da0af2893052e3f7f87f32d02 100644 (file)
--- a/src/drivers/driver_test.c
+++ b/src/drivers/driver_test.c
@@ -1906,7 +1906,7 @@ static void wpa_driver_test_scan_cmd(struct wpa_driver_test_data *drv,
 
        /* data: optional [ STA-addr | ' ' | IEs(hex) ] */
 
-       if (!drv->ibss)
+       if (bss == NULL || !drv->ibss)
                return;
 
        pos = buf;

diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
index ea82ae83590be987471a5ce3fbfd22fe15675e81..b30ea56f30cb32b27e6fbfd7fe688a86fc12dc1b 100644 (file)
--- a/src/p2p/p2p.c
+++ b/src/p2p/p2p.c
@@ -4210,7 +4210,7 @@ p2p_get_peer_found(struct p2p_data *p2p, const u8 *addr, int next)
                                dev = dl_list_first(&dev->list,
                                                    struct p2p_device,
                                                    list);
-                               if (&dev->list == &p2p->devices)
+                               if (!dev || &dev->list == &p2p->devices)
                                        return NULL;
                        } while (dev->flags & P2P_DEV_PROBE_REQ_ONLY);
                }
@@ -4222,7 +4222,7 @@ p2p_get_peer_found(struct p2p_data *p2p, const u8 *addr, int next)
                        dev = dl_list_first(&dev->list,
                                            struct p2p_device,
                                            list);
-                       if (&dev->list == &p2p->devices)
+                       if (!dev || &dev->list == &p2p->devices)
                                return NULL;
                }
        }

diff --git a/src/wps/wps_upnp_ssdp.c b/src/wps/wps_upnp_ssdp.c
index 416961cc0f27a4458dfc9d8d89a9af103491b7a4..098571ceb504ab4ee554f0330665ed1b74a58e15 100644 (file)
--- a/src/wps/wps_upnp_ssdp.c
+++ b/src/wps/wps_upnp_ssdp.c
@@ -134,6 +134,8 @@ next_advertisement(struct upnp_wps_device_sm *sm,
        *islast = 0;
        iface = dl_list_first(&sm->interfaces,
                              struct upnp_wps_device_interface, list);
+       if (!iface)
+               return NULL;
        uuid_bin2str(iface->wps->uuid, uuid_string, sizeof(uuid_string));
        msg = wpabuf_alloc(800); /* more than big enough */
        if (msg == NULL)
@@ -587,6 +589,8 @@ static void ssdp_parse_msearch(struct upnp_wps_device_sm *sm,
                                        &sm->interfaces,
                                        struct upnp_wps_device_interface,
                                        list);
+                               if (!iface)
+                                       continue;
                                data += os_strlen("uuid:");
                                uuid_bin2str(iface->wps->uuid, uuid_string,
                                             sizeof(uuid_string));

diff --git a/src/wps/wps_upnp_web.c b/src/wps/wps_upnp_web.c
index 54c3658adfebe06629d1293f62655764a00d4afa..b1cf571d8acb10acf721b2f4440ac514f0ae2a61 100644 (file)
--- a/src/wps/wps_upnp_web.c
+++ b/src/wps/wps_upnp_web.c
@@ -179,15 +179,12 @@ static const char *wps_device_xml_postfix =
 /* format_wps_device_xml -- produce content of "file" wps_device.xml
  * (UPNP_WPS_DEVICE_XML_FILE)
  */
-static void format_wps_device_xml(struct upnp_wps_device_sm *sm,
+static void format_wps_device_xml(struct upnp_wps_device_interface *iface,
+                                 struct upnp_wps_device_sm *sm,
                                  struct wpabuf *buf)
 {
        const char *s;
        char uuid_string[80];
-       struct upnp_wps_device_interface *iface;
-
-       iface = dl_list_first(&sm->interfaces,
-                             struct upnp_wps_device_interface, list);
 
        wpabuf_put_str(buf, wps_device_xml_prefix);
 
@@ -319,6 +316,10 @@ static void web_connection_parse_get(struct upnp_wps_device_sm *sm,
 
        iface = dl_list_first(&sm->interfaces,
                              struct upnp_wps_device_interface, list);
+       if (iface == NULL) {
+               http_request_deinit(hreq);
+               return;
+       }
 
        /*
         * It is not required that filenames be case insensitive but it is
@@ -391,7 +392,7 @@ static void web_connection_parse_get(struct upnp_wps_device_sm *sm,
 
        switch (req) {
        case GET_DEVICE_XML_FILE:
-               format_wps_device_xml(sm, buf);
+               format_wps_device_xml(iface, sm, buf);
                break;
        case GET_SCPD_XML_FILE:
                wpabuf_put_str(buf, wps_scpd_xml);
@@ -419,13 +420,14 @@ web_process_get_device_info(struct upnp_wps_device_sm *sm,
 
        iface = dl_list_first(&sm->interfaces,
                              struct upnp_wps_device_interface, list);
-       peer = &iface->peer;
 
        wpa_printf(MSG_DEBUG, "WPS UPnP: GetDeviceInfo");
 
-       if (iface->ctx->ap_pin == NULL)
+       if (!iface || iface->ctx->ap_pin == NULL)
                return HTTP_INTERNAL_SERVER_ERROR;
 
+       peer = &iface->peer;
+
        /*
         * Request for DeviceInfo, i.e., M1 TLVs. This is a start of WPS
         * registration over UPnP with the AP acting as an Enrollee. It should
@@ -473,6 +475,8 @@ web_process_put_message(struct upnp_wps_device_sm *sm, char *data,
 
        iface = dl_list_first(&sm->interfaces,
                              struct upnp_wps_device_interface, list);
+       if (!iface)
+               return HTTP_INTERNAL_SERVER_ERROR;
 
        /*
         * PutMessage is used by external UPnP-based Registrar to perform WPS

diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
index 49b2cd28a0be43b3170f9d8ea905154cc8d980a3..522d277a777fc74dfccdb7896165fac2adc765b7 100644 (file)
--- a/wpa_supplicant/p2p_supplicant.c
+++ b/wpa_supplicant/p2p_supplicant.c
@@ -6781,7 +6781,7 @@ void wpas_p2p_new_psk_cb(struct wpa_supplicant *wpa_s, const u8 *mac_addr,
 {
        struct wpa_ssid *ssid = wpa_s->current_ssid;
        struct wpa_ssid *persistent;
-       struct psk_list_entry *p;
+       struct psk_list_entry *p, *last;
 
        if (psk_len != sizeof(p->psk))
                return;
@@ -6841,10 +6841,9 @@ void wpas_p2p_new_psk_cb(struct wpa_supplicant *wpa_s, const u8 *mac_addr,
        }
        os_memcpy(p->psk, psk, psk_len);
 
-       if (dl_list_len(&persistent->psk_list) > P2P_MAX_STORED_CLIENTS) {
-               struct psk_list_entry *last;
-               last = dl_list_last(&persistent->psk_list,
-                                   struct psk_list_entry, list);
+       if (dl_list_len(&persistent->psk_list) > P2P_MAX_STORED_CLIENTS &&
+           (last = dl_list_last(&persistent->psk_list,
+                                struct psk_list_entry, list))) {
                wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Remove oldest PSK entry for "
                        MACSTR " (p2p=%u) to make room for a new one",
                        MAC2STR(last->addr), last->p2p);