Add a workaround to clanc static analyzer warning

dl_list_del() followed by dl_list_add() seemed to confuse clang static
analyzer somehow, so explicitly check for the prev pointer to be
non-NULL to avoid an incorrect warning.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/rsn_supp/preauth.c b/src/rsn_supp/preauth.c
index 915f85e70e28be2f06b20e73e88044e6c681a9f0..0e4f0123946b668856478a5e782799b50faf0aa7 100644 (file)
--- a/src/rsn_supp/preauth.c
+++ b/src/rsn_supp/preauth.c
@@ -391,6 +391,18 @@ void pmksa_candidate_add(struct wpa_sm *sm, const u8 *bssid,
        dl_list_for_each(pos, &sm->pmksa_candidates,
                         struct rsn_pmksa_candidate, list) {
                if (cand->priority <= pos->priority) {
+                       if (!pos->list.prev) {
+                               /*
+                                * This cannot really happen in pracrice since
+                                * pos was fetched from the list and the prev
+                                * pointer must be set. It looks like clang
+                                * static analyzer gets confused with the
+                                * dl_list_del(&cand->list) call above and ends
+                                * up assuming pos->list.prev could be NULL.
+                                */
+                               os_free(cand);
+                               return;
+                       }
                        dl_list_add(pos->list.prev, &cand->list);
                        cand = NULL;
                        break;