stat_file->stat has already been dereferenced by the time the check is
done. This commit moves it earlier, before the first dereference
attempt.
---
server/stat-file.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/server/stat-file.c b/server/stat-file.c
index de455b6..b985440 100644
--- a/server/stat-file.c
+++ b/server/stat-file.c
@@ -147,7 +147,7 @@ stat_file_add_node(RedStatFile *stat_file, StatNodeRef parent, const char *name,
SpiceStatNode *node = NULL;
spice_assert(name && strlen(name) > 0);
- if (strlen(name) >= sizeof(node->name)) {
+ if ((stat_file->stat == NULL) || (strlen(name) >= sizeof(node->name))) {
return INVALID_STAT_REF;
}
pthread_mutex_lock(&stat_file->lock);
@@ -162,7 +162,7 @@ stat_file_add_node(RedStatFile *stat_file, StatNodeRef parent, const char *name,
return ref;
}
}
- if (stat_file->stat->num_of_nodes >= stat_file->max_nodes || stat_file->stat == NULL) {
+ if (stat_file->stat->num_of_nodes >= stat_file->max_nodes) {
pthread_mutex_unlock(&stat_file->lock);
return INVALID_STAT_REF;
}
--
2.9.3
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel