From 820b5c2e3b6c5e7f8dbffb748d56f9e1d74c7e9b Mon Sep 17 00:00:00 2001
From: Emil Mikulic <emikulic@gmail.com>
Date: Sat, 2 Aug 2008 03:51:11 +0000
Subject: [PATCH] Five-letter patch that fixes a use-after-free and possible
 list corruption.  Don't know how far back this bug goes.  Caught and
 diagnosed on an Ubuntu system where it manifested as a segfault.

---
 trunk/darkhttpd.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/trunk/darkhttpd.c b/trunk/darkhttpd.c
index 7ff9315..4013289 100644
--- a/trunk/darkhttpd.c
+++ b/trunk/darkhttpd.c
@@ -2341,7 +2341,8 @@ static void httpd_poll(void)
     /* poll connections that select() says need attention */
     if (FD_ISSET(sockin, &recv_set)) accept_connection();
 
-    LIST_FOREACH(conn, &connlist, entries) {
+    LIST_FOREACH_SAFE(conn, &connlist, entries, next)
+    {
         switch (conn->state)
         {
         case RECV_REQUEST: