Merge pull request #12087 from yuwata/fix-condition-free-list

util: fix condition_free_list_type()

9 files changed, 15 insertions, 11 deletions

diff --git a/src/network/netdev/netdev.h b/src/network/netdev/netdev.h
index 3c6990236fe..ad4dd2e2b0d 100644
--- a/src/network/netdev/netdev.h
+++ b/src/network/netdev/netdev.h
@@ -81,7 +81,7 @@ typedef struct NetDev {
 
         char *filename;
 
-        Condition *conditions;
+        LIST_HEAD(Condition, conditions);
 
         NetDevState state;
         NetDevKind kind;
diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h
index 7211aee8c68..852144da3c0 100644
--- a/src/network/networkd-network.h
+++ b/src/network/networkd-network.h
@@ -97,7 +97,7 @@ struct Network {
         char **match_driver;
         char **match_type;
         char **match_name;
-        Condition *conditions;
+        LIST_HEAD(Condition, conditions);
 
         char *description;
 
diff --git a/src/shared/condition.c b/src/shared/condition.c
index 69d65fffbce..32a90bcea36 100644
--- a/src/shared/condition.c
+++ b/src/shared/condition.c
@@ -77,17 +77,17 @@ void condition_free(Condition *c) {
         free(c);
 }
 
-Condition* condition_free_list_type(Condition *first, ConditionType type) {
-        Condition *c, *n, *r = NULL;
+Condition* condition_free_list_type(Condition *head, ConditionType type) {
+        Condition *c, *n;
 
-        LIST_FOREACH_SAFE(conditions, c, n, first)
-                if (type < 0 || c->type == type)
+        LIST_FOREACH_SAFE(conditions, c, n, head)
+                if (type < 0 || c->type == type) {
+                        LIST_REMOVE(conditions, head, c);
                         condition_free(c);
-                else if (!r)
-                        r = c;
+                }
 
-        assert(type >= 0 || !r);
-        return r;
+        assert(type >= 0 || !head);
+        return head;
 }
 
 static int condition_test_kernel_command_line(Condition *c) {
diff --git a/src/udev/net/link-config.h b/src/udev/net/link-config.h
index 5dfe5b59b88..efe5f2ce3a9 100644
--- a/src/udev/net/link-config.h
+++ b/src/udev/net/link-config.h
@@ -40,7 +40,7 @@ struct link_config {
         char **match_driver;
         char **match_type;
         char **match_name;
-        Condition *conditions;
+        LIST_HEAD(Condition, conditions);
 
         char *description;
         struct ether_addr *mac;
diff --git a/test/fuzz/fuzz-link-parser/oss-fuzz-13878 b/test/fuzz/fuzz-link-parser/oss-fuzz-13878
new file mode 100644
index 00000000000..dbb2abecb05
--- /dev/null
+++ b/test/fuzz/fuzz-link-parser/oss-fuzz-13878
@@ -0,0 +1,4 @@
+[Match]
+KernelVersion=t
+Virtualization=q
+KernelVersion=
\ No newline at end of file
diff --git a/test/fuzz/fuzz-link-parser/oss-fuzz-13882 b/test/fuzz/fuzz-link-parser/oss-fuzz-13882
new file mode 100644
index 00000000000..7c56ec222d8
--- /dev/null
+++ b/test/fuzz/fuzz-link-parser/oss-fuzz-13882
diff --git a/test/fuzz/fuzz-netdev-parser/oss-fuzz-13884 b/test/fuzz/fuzz-netdev-parser/oss-fuzz-13884
new file mode 100644
index 00000000000..ce8d713a035
--- /dev/null
+++ b/test/fuzz/fuzz-netdev-parser/oss-fuzz-13884
diff --git a/test/fuzz/fuzz-netdev-parser/oss-fuzz-13886 b/test/fuzz/fuzz-netdev-parser/oss-fuzz-13886
new file mode 100644
index 00000000000..1230ffe699b
--- /dev/null
+++ b/test/fuzz/fuzz-netdev-parser/oss-fuzz-13886
diff --git a/test/fuzz/fuzz-network-parser/oss-fuzz-13888 b/test/fuzz/fuzz-network-parser/oss-fuzz-13888
new file mode 100644
index 00000000000..c75fcb4e8a9
--- /dev/null
+++ b/test/fuzz/fuzz-network-parser/oss-fuzz-13888