too late null checks
Ted Unangst
tedu at coverity.com
Wed Aug 18 15:29:40 PDT 2004
Bugs found with Coverity's automated analysis. In each case, either the
NULL check is unnecessary, or it's too late because the variable was
already deref'd.

dev/firewire/fwohci.c:dump_db (debugging function)
pp can not be null (crash if it is)

dev/mpt/mpt_pci.c:mpt_detach
a null mpt won't survive mpt_prt

netinet/tcp_subr.c:tcp_mtudisc
tp has already been dereferenced to obtain isipv6 result

usb/dev/urio.c:urio_attach
if uaa->device can be null, usbd_devinfo already used it.

cam/cam_xpt.c:xptplistperiphfunc
check at line 2532 looks wrong. perhaps should be *pdrv == NULL?

dev/twe/twe.c:twe_ioctl
if you make it to line 552, tr is definitely not null.

kern/vfs_subr.c:reassignbufs (4.10)
1408    while (tbp && tbp->b_lblkno < 0)
1409            tdp = TAILQ_PREV(tbp, buflists, b_vnbufs);
1410    TAILQ_INSERT_AFTER(listheadp, tbp, bp, b_vnbufs);
if the first while() test fails, tailq insert will crash.

i'm not sure where this code went in current. some other bugs of a
similar nature have already been fixed or the code removed in current,
let me know if you are still interested in 4.10 results.
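
The reassignbufs loop shape from the message, with the NULL case handled before the insert, as an added example that is not part of the original message and is not FreeBSD code. The reduced struct buf, the function names, the sample block numbers and the insert-at-head fallback are assumptions made for the demonstration.

```c
#include <stddef.h>
#include <stdio.h>
#include <sys/queue.h>

/* Hypothetical stand-in for struct buf: only the fields the loop touches. */
struct buf {
    long b_lblkno;
    TAILQ_ENTRY(buf) b_vnbufs;
};
TAILQ_HEAD(buflists, buf);

/* Walk back from the tail past entries with a negative b_lblkno, then insert
 * bp after the entry where the walk stopped. The walk also stops when tbp
 * becomes NULL (empty list, or every entry negative), so test for that first. */
static void insert_after_last_nonneg(struct buflists *listheadp, struct buf *bp)
{
    struct buf *tbp = TAILQ_LAST(listheadp, buflists);
    while (tbp != NULL && tbp->b_lblkno < 0)
        tbp = TAILQ_PREV(tbp, buflists, b_vnbufs);
    if (tbp == NULL)    /* assumed fallback; unguarded, the insert derefs NULL */
        TAILQ_INSERT_HEAD(listheadp, bp, b_vnbufs);
    else
        TAILQ_INSERT_AFTER(listheadp, tbp, bp, b_vnbufs);
}

/* Build a list from constructed block numbers, insert a probe buffer, and
 * return the 0-based position the probe landed at (-1 if it is missing). */
static int probe_position(const long *lblknos, size_t n)
{
    struct buflists head;
    struct buf items[8], probe = { .b_lblkno = 100 }, *it;
    int pos = 0;
    TAILQ_INIT(&head);
    for (size_t i = 0; i < n && i < 8; i++) {
        items[i].b_lblkno = lblknos[i];
        TAILQ_INSERT_TAIL(&head, &items[i], b_vnbufs);
    }
    insert_after_last_nonneg(&head, &probe);
    TAILQ_FOREACH(it, &head, b_vnbufs) {
        if (it == &probe)
            return pos;
        pos++;
    }
    return -1;
}

int main(void)
{
    long mixed[] = {1, 2, -1, -2}, neg[] = {-1, -2};
    printf("%d %d\n", probe_position(mixed, 4), probe_position(neg, 2));
    return 0;
}
```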

More information about the freebsd-hackers mailing list