send_outstanding_packets checks if a forw_node has a correct if_incoming. Otherwise it jumps to packet_free to deallocate the packet infrastructure. But this also schedules packets with the batman interfaces as target incoming_if. This is known to be NULL but is dereferenced in schedule_own_packet.
This NULL dereference should be avoided.
Signed-off-by: Sven Eckelmann sven@narfation.org --- schedule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/schedule.c b/schedule.c index 3e65d68..03cdb78 100644 --- a/schedule.c +++ b/schedule.c @@ -359,7 +359,7 @@ void send_outstanding_packets(uint32_t curr_time)
packet_free: list_del((struct list_head *)&forw_list, forw_pos, &forw_list);
- if (forw_node->own) + if (forw_node->own && forw_node->if_incoming) schedule_own_packet(forw_node->if_incoming);
debugFree(forw_node->pack_buff, 1501);