Core: NULL list pointers on deletion

* This aims at highlighting unwanted behaviours on list operations,
  and facilitate early detection of potential bugs.
* This also requires a fix in threads_windows.c
* See http://sourceforge.net/mailarchive/message.php?msg_id=29626351

diff --git a/libusb/libusbi.h b/libusb/libusbi.h
index 3c4a059..dd5cede 100644 (file)
--- a/libusb/libusbi.h
+++ b/libusb/libusbi.h
@@ -111,6 +111,7 @@ static inline void list_del(struct list_head *entry)
 {
        entry->next->prev = entry->prev;
        entry->prev->next = entry->next;
+       entry->next = entry->prev = NULL;
 }
 
 static inline void *usbi_reallocf(void *ptr, size_t size)

diff --git a/libusb/os/threads_windows.c b/libusb/os/threads_windows.c
index db83a4d..7c09e7d 100644 (file)
--- a/libusb/os/threads_windows.c
+++ b/libusb/os/threads_windows.c
@@ -92,16 +92,14 @@ int usbi_cond_init(usbi_cond_t *cond,
 }
 int usbi_cond_destroy(usbi_cond_t *cond) {
        // This assumes no one is using this anymore.  The check MAY NOT BE safe.
-       struct usbi_cond_perthread *pos, *prev_pos = NULL;
+       struct usbi_cond_perthread *pos, *next_pos = NULL;
        if(!cond) return ((errno=EINVAL));
        if(!list_empty(&cond->waiters)) return ((errno=EBUSY )); // (!see above!)
-       list_for_each_entry(pos, &cond->not_waiting, list, struct usbi_cond_perthread) {
-               free(prev_pos);
+       list_for_each_entry_safe(pos, next_pos, &cond->not_waiting, list, struct usbi_cond_perthread) {
                CloseHandle(pos->event);
                list_del(&pos->list);
-               prev_pos = pos;
+               free(pos);
        }
-       free(prev_pos);
 
        return 0;
 }

diff --git a/libusb/version_nano.h b/libusb/version_nano.h
index 17b4a2f..fbf5397 100644 (file)
--- a/libusb/version_nano.h
+++ b/libusb/version_nano.h
@@ -1 +1 @@
-#define LIBUSB_NANO 10542
+#define LIBUSB_NANO 10543