Date: Fri, 20 Aug 2004 11:09:59 -0700 From: Ted Unangst <tedu@coverity.com> To: hackers@freebsd.org Subject: use after free bugs Message-ID: <41263E77.5040500@coverity.com>
next in thread | raw e-mail | index | archive | help
these are results from running Coverity's analysis over Freebsd 4.10 kernel. two improper loops: if_ef.c:566 and atapi-all.c ng_socket.c: possible double free of resp 815 and 870, depending on caller context. is this possible? if_bfe.c: double call to bfe_release_resources will free lots of stuff twice on failure. aha_isa.c: aha_isa_attach: aha_free free "aha", can't use it afterwards, lots of examples.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41263E77.5040500>