Macintosh-Tools/macemu
1
0
Fork 0
mirror of https://github.com/kanjitalk755/macemu.git synced 2024-11-26 10:49:21 +00:00
Code Issues Projects Releases Wiki Activity

guard against the slirp queues null deref on dequeues I've seen in the debugger

Browse Source
This commit is contained in:
Andrew Tonner 2017-01-20 01:33:20 -08:00
parent bdd2ee1190
commit 52a36f24bb
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
BasiliskII/src/slirp/misc.c
View File

@ -112,7 +112,10 @@ inline void remque_32(void *a)
{
register struct quehead_32 *element = (struct quehead_32 *) a;
((struct quehead_32 *)(element->qh_link))->qh_rlink = element->qh_rlink;
((struct quehead_32 *)(element->qh_rlink))->qh_link = element->qh_link;
struct quehead_32 * prev = element->qh_rlink;
if (prev != 0) {
prev->qh_link = element->qh_link;
}
element->qh_rlink = 0;
}
@ -138,7 +141,10 @@ void remque(void *a)
{
register struct quehead *element = (struct quehead *) a;
((struct quehead *)(element->qh_link))->qh_rlink = element->qh_rlink;
((struct quehead *)(element->qh_rlink))->qh_link = element->qh_link;
struct quehead * prev = element->qh_rlink;
if (prev != NULL) {
prev->qh_link = element->qh_link;
}
element->qh_rlink = NULL;
/* element->qh_link = NULL; TCP FIN1 crashes if you do this. Why ? */
}