libblktapctl: fix use-after-free bug

This has not caused crashes because generally use after free is OK
provided nothing else is going on. However the patch makes things
correct. It also allows us to use heap poisoning feature of valgrind on
tools linking to libblktapctl.

Signed-off-by: Gianni Tedesco <gianni.tedesco@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>

diff --git a/tools/blktap2/control/tap-ctl-list.c b/tools/blktap2/control/tap-ctl-list.c
index 55de3e772dc6d56e2becaf5da6ba66d266b2aed6..149727087441fb59c510a7782ec417f509c3bac3 100644 (file)
--- a/tools/blktap2/control/tap-ctl-list.c
+++ b/tools/blktap2/control/tap-ctl-list.c
@@ -385,9 +385,9 @@ _tap_ctl_free_tapdisks(struct tapdisk *tapv, int n_taps)
        struct tapdisk *tap;
 
        for (tap = tapv; tap < &tapv[n_taps]; ++tap) {
-               struct tapdisk_list *tl;
+               struct tapdisk_list *tl, *next;
 
-               list_for_each_entry(tl, &tap->list, entry) {
+               list_for_each_entry_safe(tl, next, &tap->list, entry) {
                        free(tl->params);
                        free(tl);
                }