This fixes incorrect conditional checks in restore_model_state()
which could lead to dereferencing a NULL pointer.
Wrong: if (l_queue_isempty(mod->bindings) || !mod->cbs->bind) ...
Fixed: if (!l_queue_isempty(mod->bindings) && cbs->bind) ...
---
mesh/model.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mesh/model.c b/mesh/model.c
index a2b3e5c18..e4a7ba94e 100644
--- a/mesh/model.c
+++ b/mesh/model.c
@@ -1077,7 +1077,7 @@ static void restore_model_state(struct mesh_model *mod)
if (!cbs)
return;
- if (l_queue_isempty(mod->bindings) || !mod->cbs->bind) {
+ if (!l_queue_isempty(mod->bindings) && cbs->bind) {
for (b = l_queue_get_entries(mod->bindings); b; b = b->next) {
if (cbs->bind(L_PTR_TO_UINT(b->data), ACTION_ADD) !=
MESH_STATUS_SUCCESS)
--
2.21.0
