tal: check headers more carefully.

We sanity check tal headers by ensuring that the pointers are in the bounds of things we've allocated. But the first one we check is the prop ptr, which may also be a literal: this is_literal() dereferences the pointer, which means we usually crash here if it's not a tal object. Move that last, and we have far more success with our sanity checking. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

tal: check headers more carefully.
We sanity check tal headers by ensuring that the pointers are in the bounds of things we've allocated. But the first one we check is the prop ptr, which may also be a literal: this is_literal() dereferences the pointer, which means we usually crash here if it's not a tal object. Move that last, and we have far more success with our sanity checking. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
d73447c2 · Rusty Russell · 0f6d854a · d73447c2
Commit d73447c2 authored Dec 03, 2012 by Rusty Russell
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

ccan/tal/tal.c ccan/tal/tal.c +2 -2

No files found.
--- a/ccan/tal/tal.c
+++ b/ccan/tal/tal.c
@@ -154,11 +154,11 @@ static struct tal_hdr *to_tal_hdr(const void *ctx)

 	t = (struct tal_hdr *)((char *)ctx - sizeof(struct tal_hdr));
 	check_bounds(t);
-	if (t->prop && !is_literal(t->prop))
-		check_bounds(t->prop);
 	check_bounds(ignore_destroying_bit(t->parent_child));
 	check_bounds(t->list.next);
 	check_bounds(t->list.prev);
+	if (t->prop && !is_literal(t->prop))
+		check_bounds(t->prop);
 	return t;
 }