[master] c63bd5088 vdire: avoid accidental use-after-free

Tue Feb 4 17:39:07 UTC 2025

commit c63bd508841d3781dc99dc3109b331fffc240021
Author: Nils Goroll <nils.goroll at uplex.de>
Date:   Tue Feb 4 18:37:41 2025 +0100

    vdire: avoid accidental use-after-free
    
    Spotted by Coverity
    
    Pointed out by Dridi
    
    Coverity CID#1641631
    Fixup to 586d0c6d23e1b35d44ede2a90b70e76c4df461ae
    Ref #4142

diff --git a/bin/varnishd/cache/cache_vcl.c b/bin/varnishd/cache/cache_vcl.c
index 2140bc664..5a82baf21 100644
--- a/bin/varnishd/cache/cache_vcl.c
+++ b/bin/varnishd/cache/cache_vcl.c
@@ -414,7 +414,7 @@ vdire_end_iter(struct vdire *vdire)
 {
 	struct vcldir_head resigning = VTAILQ_HEAD_INITIALIZER(resigning);
 	const struct vcltemp *temp = NULL;
-	struct vcldir *vdir;
+	struct vcldir *vdir, *next;
 	unsigned n;
 
 	CHECK_OBJ_NOTNULL(vdire, VDIRE_MAGIC);
@@ -432,7 +432,7 @@ vdire_end_iter(struct vdire *vdire)
 	}
 	Lck_Unlock(vdire->mtx);
 
-	VTAILQ_FOREACH(vdir, &resigning, resigning_list)
+	VTAILQ_FOREACH_SAFE(vdir, &resigning, resigning_list, next)
 		vcldir_retire(vdir, temp);
 }
 
