From f4452cc2b12e61232977a8f1c56dd2f2db702127 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 11 Oct 2014 17:18:02 +0300
Subject: [PATCH] Add a workaround to clanc static analyzer warning

dl_list_del() followed by dl_list_add() seemed to confuse clang static
analyzer somehow, so explicitly check for the prev pointer to be
non-NULL to avoid an incorrect warning.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/rsn_supp/preauth.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/rsn_supp/preauth.c b/src/rsn_supp/preauth.c
index 915f85e70..0e4f01239 100644
--- a/src/rsn_supp/preauth.c
+++ b/src/rsn_supp/preauth.c
@@ -391,6 +391,18 @@ void pmksa_candidate_add(struct wpa_sm *sm, const u8 *bssid,
 	dl_list_for_each(pos, &sm->pmksa_candidates,
 			 struct rsn_pmksa_candidate, list) {
 		if (cand->priority <= pos->priority) {
+			if (!pos->list.prev) {
+				/*
+				 * This cannot really happen in pracrice since
+				 * pos was fetched from the list and the prev
+				 * pointer must be set. It looks like clang
+				 * static analyzer gets confused with the
+				 * dl_list_del(&cand->list) call above and ends
+				 * up assuming pos->list.prev could be NULL.
+				 */
+				os_free(cand);
+				return;
+			}
 			dl_list_add(pos->list.prev, &cand->list);
 			cand = NULL;
 			break;