From: Stefan Richter <stefanr@s5r6.in-berlin.de>
To: Tom Walter Dillig <tdillig@stanford.edu>
Cc: linux-kernel@vger.kernel.org, w@1wt.eul,
kernel_org@digitalpeer.com, security@kernel.org
Subject: Re: Complete report of Null dereference errors in kernel 2.6.17.1
Date: Sat, 29 Jul 2006 19:46:57 +0200 [thread overview]
Message-ID: <44CB9F11.6080508@s5r6.in-berlin.de> (raw)
In-Reply-To: <1153782637.44c5536e013a4@webmail>
Tom Walter Dillig wrote on 2006-07-25:
> [276]
> 1043, 1051, 1075, 1083, 1091, ... drivers/ieee1394/sbp2.c
> Possible null dereference of variable "hi" checked at
> (1096:drivers/ieee1394/sbp2.c).
Thanks for the report.
"hi" is guaranteed to be nonzero and valid at these places. The
safeguards are the if clauses in lines 1042, 1050, 1074, 1082, 1090.
Their conditions will evaluate to false if "hi" was NULL. This is
because of the order of how members of struct scsi_id_instance_data are
initialized in sbp2_alloc_device() and sbp2_start_device().
What other potential errors did your checker find in
drivers/ieee1394/sbp2.c?
--
Stefan Richter
-=====-=-==- -=== ===-=
http://arcgraph.de/sr/
prev parent reply other threads:[~2006-07-29 17:50 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-07-24 23:10 Complete report of Null dereference errors in kernel 2.6.17.1 Tom Walter Dillig
2006-07-25 0:00 ` softmac possible null deref [was: Complete report of Null dereference errors in kernel 2.6.17.1] Daniel Drake
2006-07-25 0:12 ` Stephen Hemminger
2006-07-25 0:01 ` Daniel Drake
2006-07-25 0:00 ` Thomas Dillig
2006-07-25 6:20 ` Johannes Weiner
2006-07-26 13:11 ` Daniel Drake
2006-07-29 17:46 ` Stefan Richter [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44CB9F11.6080508@s5r6.in-berlin.de \
--to=stefanr@s5r6.in-berlin.de \
--cc=kernel_org@digitalpeer.com \
--cc=linux-kernel@vger.kernel.org \
--cc=security@kernel.org \
--cc=tdillig@stanford.edu \
--cc=w@1wt.eul \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).