Date: Sat, 21 Aug 2004 00:28:51 -0700 From: Julian Elischer <julian@elischer.org> To: Ted Unangst <tedu@coverity.com> Cc: hackers@freebsd.org Subject: Re: use after free bugs Message-ID: <4126F9B3.8050900@elischer.org> In-Reply-To: <41263E77.5040500@coverity.com> References: <41263E77.5040500@coverity.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ted Unangst wrote: > these are results from running Coverity's analysis over Freebsd 4.10 > kernel. > two improper loops: > if_ef.c:566 and atapi-all.c > > ng_socket.c: possible double free of resp 815 and 870, depending on > caller context. is this possible? > I'm not seeing it.. Can you show the lines in the version that is being examined? (So I can be sure I'm looking at the right code) (and how do I interpret the above report? 815 and 870 are freeing different things.) > if_bfe.c: double call to bfe_release_resources will free lots of stuff > twice on failure. > > aha_isa.c: aha_isa_attach: aha_free free "aha", can't use it > afterwards, lots of examples. > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4126F9B3.8050900>