From 6714fcddc626f88373dbaf02af182f3236ca2109 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Thu, 25 Oct 2018 18:34:19 +0100 Subject: [PATCH] Fix a newly introduced segfault in callback.c. Colin Harrison points out that commit c31e3cd43 was less cautious than it should have been: when delete_callbacks_for_context nulls out the 'next' pointer in the new tail element of the callbacks list, it should only do so if there _is_ a new tail element. If the list has just become empty, that won't work very well! --- callback.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/callback.c b/callback.c index 09a5e49b..6a888e89 100644 --- a/callback.c +++ b/callback.c @@ -65,7 +65,8 @@ void delete_callbacks_for_context(void *ctx) cbhead = newhead; cbtail = newtail; - newtail->next = NULL; + if (newtail) + newtail->next = NULL; } void queue_toplevel_callback(toplevel_callback_fn_t fn, void *ctx)