Re: git: 763179042246 - main - Fix NULL deref segfault in bhyve's usb_mouse.c

In reply to: Chuck Tuffli : "Re: git: 763179042246 - main - Fix NULL deref segfault in bhyve's usb_mouse.c"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Warner Losh <imp_at_bsdimp.com>
Date: Mon, 12 Jan 2026 00:46:19 UTC

On Sun, Jan 11, 2026 at 4:18 PM Chuck Tuffli <chuck@freebsd.org> wrote:

> On Fri, Jan 9, 2026 at 12:18 PM Warner Losh <imp@freebsd.org> wrote:
> >
> > The branch main has been updated by imp:
> >
> > URL:
> https://cgit.FreeBSD.org/src/commit/?id=7631790422464de1aec309018e2c444defe5f629
> >
> > commit 7631790422464de1aec309018e2c444defe5f629
> > Author:     Jack Bendtsen <jackdbendtsen@gmail.com>
> > AuthorDate: 2025-06-19 07:40:31 +0000
> > Commit:     Warner Losh <imp@FreeBSD.org>
> > CommitDate: 2026-01-09 20:17:13 +0000
> >
> >     Fix NULL deref segfault in bhyve's usb_mouse.c
> >
> >     Some of the cases inside umouse_request()
> (usr.sbin/bhyve/usb_mouse.c)
> >     use the data component of an event, while only partially checking if
> >     it's NULL. 'data' has a NULL check, but then 'data' is immediately
> >     deferenced anyway after the check regardless of if it's NULL or not.
>
> The SmartOS/Illumos folks ran into this issue a bit ago and fixed
> their version of bhyve differently
> (https://www.illumos.org/issues/17784). This has been on my to-do
> list, but it didn't make it to the top before this (point hat:
> chuck@). Any concerns or objections to my committing
> https://reviews.freebsd.org/D54661 to minimize our diffs with
> SmartOS/illumos?
>

That's fine. Documented such on the review.

Wraner