misc/163724: [PATCH] NULL check before dereference
Philippe Saint-Pierre
stpere at gmail.com
Fri Dec 30 22:10:13 UTC 2011
>Number: 163724
>Category: misc
>Synopsis: [PATCH] NULL check before dereference
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Dec 30 22:10:12 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Philippe Saint-Pierre
>Release: patch made against 8.1 (I think)
>Organization:
Haiku
>Environment:
>Description:
In the Marvell wifi driver, there are dereferences attempts occuring before the NULL check.
>How-To-Repeat:
>Fix:
Patch included. Basically moves the NULL check to before any dereferences attempts.
Patch attached with submission follows:
--- mwlhal-orig.c 2011-12-30 12:49:08.807786944 -0500
+++ sys/dev/mwl/mwlhal.c 2011-12-30 12:50:57.787782085 -0500
@@ -1440,15 +1440,20 @@
}
sp = &mh->mh_streams[s];
mh->mh_bastreams &= ~(1<<s);
- sp->public.data[0] = a1;
- sp->public.data[1] = a2;
- IEEE80211_ADDR_COPY(sp->macaddr, Macaddr);
- sp->tid = Tid;
- sp->paraminfo = ParamInfo;
- sp->setup = 0;
- sp->ba_policy = ba_policy;
- MWL_HAL_UNLOCK(mh);
- return sp != NULL ? &sp->public : NULL;
+ if (sp != NULL) {
+ sp->public.data[0] = a1;
+ sp->public.data[1] = a2;
+ IEEE80211_ADDR_COPY(sp->macaddr, Macaddr);
+ sp->tid = Tid;
+ sp->paraminfo = ParamInfo;
+ sp->setup = 0;
+ sp->ba_policy = ba_policy;
+ MWL_HAL_UNLOCK(mh);
+ return &sp->public;
+ } else {
+ MWL_HAL_UNLOCK(mh);
+ return NULL;
+ }
}
const MWL_HAL_BASTREAM *
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list