From 44d380fa1042c56eee959c8cf8477aa62b8d8a0e Mon Sep 17 00:00:00 2001

From: Stefan Beller <stefanbeller@googlemail.com>

Date: Mon, 30 Dec 2013 17:43:52 +0100

Subject: [PATCH] sleep-config: Dereference pointer before check for NULL

This fixes a bug pointed out by http://css.csail.mit.edu/stack/

(Optimization-unstable code)

It is a similar fix as f146f5e159 (2013-12-30, core:

Forgot to dereference pointer when checking for NULL)

To explain this bug consider the following similar, but simpler code:

	if (!p)

		free(*p)

Assume the if condition evaluates to true, then we will access *p,

which means the compiler can assume p is a valid pointer, so it could

dereference p and use the value *p.

Assuming p as a valid pointer, !p will be false.

But initally we assumed the condition evaluates to true.

By this reasoning the optimizing compiler can deduce, we have dead code.

("The if will never be taken, as *p must be valid, because otherwise

accessing *p inside the if would segfault")

This led to an error message of the static code checker, so I checked the

code in question.

As we access *modes and *states before the check in the changed line of

this patch, I assume the line to be wrong and we actually wanted to check

for *modes and *states being both non null.

---

 src/shared/sleep-config.c | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/shared/sleep-config.c b/src/shared/sleep-config.c

index d76e3ad..b2a0787 100644

--- a/src/shared/sleep-config.c

+++ b/src/shared/sleep-config.c

@@ -94,7 +94,7 @@ int parse_sleep_config(const char *verb, char ***modes, char ***states) {

         } else

                 assert_not_reached("what verb");

-        if (!modes || !states) {

+        if (!*modes || !*states) {

                 strv_free(*modes);

                 strv_free(*states);

                 return log_oom();