svn commit: r228119 - head/usr.sbin/mfiutil
Xin LI
delphij at FreeBSD.org
Tue Nov 29 08:16:14 UTC 2011
Author: delphij
Date: Tue Nov 29 08:16:14 2011
New Revision: 228119
URL: http://svn.freebsd.org/changeset/base/228119
Log:
In build_volume(), check if arrays is allocated before traversing its
items. While parsing the arrays input, it's possible that we reach the
error path before initializing the 'arrays' pointer, which in turn leads
to a NULL deference.
Submitted by: Garrett Cooper
MFC after: 1 week
Modified:
head/usr.sbin/mfiutil/mfi_config.c
Modified: head/usr.sbin/mfiutil/mfi_config.c
==============================================================================
--- head/usr.sbin/mfiutil/mfi_config.c Tue Nov 29 07:59:45 2011 (r228118)
+++ head/usr.sbin/mfiutil/mfi_config.c Tue Nov 29 08:16:14 2011 (r228119)
@@ -820,9 +820,11 @@ error:
free(config);
free(state.volumes);
free(state.arrays);
- for (i = 0; i < narrays; i++)
- free(arrays[i].drives);
- free(arrays);
+ if (arrays != NULL) {
+ for (i = 0; i < narrays; i++)
+ free(arrays[i].drives);
+ free(arrays);
+ }
close(fd);
return (error);
More information about the svn-src-head
mailing list