svn commit: r333304 - head/sys/netinet
Conrad Meyer
cem at freebsd.org
Sun May 6 19:04:36 UTC 2018
FYI, Coverity can detect this kind of issue scanning the kernel (not
just usrsctp). It was detected as CID 1385266 on FreeBSD's Coverity
Scan.
Best,
Conrad
On Sun, May 6, 2018 at 7:19 AM, Michael Tuexen <tuexen at freebsd.org> wrote:
> Author: tuexen
> Date: Sun May 6 14:19:50 2018
> New Revision: 333304
> URL: https://svnweb.freebsd.org/changeset/base/333304
>
> Log:
> Ensure we are not dereferencing a NULL pointer.
>
> This was found by Coverity scanning the usrsctp stack (CID 203808).
>
> MFC after: 3 days
>
> Modified:
> head/sys/netinet/sctp_indata.c
>
> Modified: head/sys/netinet/sctp_indata.c
> ==============================================================================
> --- head/sys/netinet/sctp_indata.c Sun May 6 13:59:56 2018 (r333303)
> +++ head/sys/netinet/sctp_indata.c Sun May 6 14:19:50 2018 (r333304)
> @@ -3621,7 +3621,9 @@ sctp_strike_gap_ack_chunks(struct sctp_tcb *stcb, stru
> SCTP_SO_NOT_LOCKED);
> }
> /* Make sure to flag we had a FR */
> - tp1->whoTo->net_ack++;
> + if (tp1->whoTo != NULL) {
> + tp1->whoTo->net_ack++;
> + }
> continue;
> }
> }
>
More information about the svn-src-all
mailing list