Hi,
I am not sure but I think it could be possible that there is a null pointer dereference at batman.c:420. I assume that it is possible that neigh_node is NULL and orig_node->router is also NULL in batman.c:412. Now we dereference neigh_node in batman.c:420 as third parameter of add_del_route. I don't know if the third parameter should be set to 0 if neigh_node is NULL or if the "if"-statement is wrong - so I will not send a patch this time.
Best regards, Sven
Hi,
> I am not sure but I think it could be possible that there is a null pointer dereference at batman.c:420. I assume that it is possible that neigh_node is NULL and orig_node->router is also NULL in batman.c:412. Now we dereference neigh_node in batman.c:420 as third parameter of add_del_route. I don't know if the third parameter should be set to 0 if neigh_node is NULL or if the "if"-statement is wrong - so I will not send a patch this time.
This one is a bit tricky (maybe we should add a comment there). In line 386 we prevent that null pointer dereference:
orig_node->router != neigh_node
If both variables are NULL it would fail here. :-)
Greetings, Marek
b.a.t.m.a.n@lists.open-mesh.org
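The argument in the reply, as an added example that is not part of the thread and is not the batman.c source: a simplified C model that walks all four NULL/non-NULL combinations of the two pointers and shows that the outer comparison keeps the both-NULL state away from the dereference. The struct layouts, function names and the form of the inner condition are assumptions made for illustration.

```c
#include <stddef.h>

struct neigh_node { unsigned int addr; };          /* hypothetical layout */
struct orig_node  { struct neigh_node *router; };  /* hypothetical layout */

enum outcome { SKIPPED, DELETED_ONLY, ADDED, WOULD_DEREF_NULL };

/* Models the branch structure discussed in the thread (names assumed). */
enum outcome update_route(struct orig_node *orig, struct neigh_node *neigh,
                          unsigned int *gateway)
{
    struct neigh_node *old = orig->router;
    enum outcome res = SKIPPED;

    /* Outer guard quoted in the reply. NULL == NULL, so the state
     * "both pointers NULL" never enters this block. */
    if (old != neigh) {
        orig->router = neigh;
        res = DELETED_ONLY;
        /* Assumed inner test: admits old == NULL without checking neigh. */
        if ((old != NULL && neigh != NULL) || old == NULL) {
            if (neigh == NULL)        /* makes the implicit invariant explicit */
                return WOULD_DEREF_NULL;
            *gateway = neigh->addr;   /* the dereference in question */
            res = ADDED;
        }
    }
    return res;
}

/* Tries every NULL/non-NULL combination; counts states that would crash. */
int count_unsafe_states(void)
{
    struct neigh_node a = { 0x0a000001 }, b = { 0x0a000002 }; /* constructed */
    struct neigh_node *olds[] = { NULL, &a };
    struct neigh_node *news[] = { NULL, &b };
    int unsafe = 0;
    for (int i = 0; i < 2; i++)
        for (int j = 0; j < 2; j++) {
            struct orig_node o = { olds[i] };
            unsigned int gw = 0;
            if (update_route(&o, news[j], &gw) == WOULD_DEREF_NULL)
                unsafe++;
        }
    return unsafe;
}

int main(void) { return count_unsafe_states(); }
```

The safety here depends on two conditions several lines apart, which is why a comment or an explicit check at the dereference helps the next reader.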