Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 6 May 2018 21:55:10 +0200
From:      Michael Tuexen <tuexen@freebsd.org>
To:        cem@freebsd.org
Cc:        src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r333304 - head/sys/netinet
Message-ID:  <30787D45-D97E-4AB0-9EA5-E2B003796D9B@freebsd.org>
In-Reply-To: <CAG6CVpWM2zA4NbvPmCHJ4Q7VBG2eVErwvZVXenNyu1CLWPYRag@mail.gmail.com>
References:  <201805061419.w46EJpj3094778@repo.freebsd.org> <CAG6CVpWM2zA4NbvPmCHJ4Q7VBG2eVErwvZVXenNyu1CLWPYRag@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
> On 6. May 2018, at 19:09, Conrad Meyer <cem@FreeBSD.org> wrote:
>=20
> FYI, Coverity can detect this kind of issue scanning the kernel (not
> just usrsctp).  It was detected as CID 1385266 on FreeBSD's Coverity
> Scan.
That is correct. I just had problems in getting access to the FreeBSD
page, so I didn't know the number. This has now been resolved.

Best regards
Michael
>=20
> Best,
> Conrad
>=20
> On Sun, May 6, 2018 at 7:19 AM, Michael Tuexen <tuexen@freebsd.org> =
wrote:
>> Author: tuexen
>> Date: Sun May  6 14:19:50 2018
>> New Revision: 333304
>> URL: https://svnweb.freebsd.org/changeset/base/333304
>>=20
>> Log:
>>  Ensure we are not dereferencing a NULL pointer.
>>=20
>>  This was found by Coverity scanning the usrsctp stack (CID 203808).
>>=20
>>  MFC after:    3 days
>>=20
>> Modified:
>>  head/sys/netinet/sctp_indata.c
>>=20
>> Modified: head/sys/netinet/sctp_indata.c
>> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
>> --- head/sys/netinet/sctp_indata.c      Sun May  6 13:59:56 2018      =
  (r333303)
>> +++ head/sys/netinet/sctp_indata.c      Sun May  6 14:19:50 2018      =
  (r333304)
>> @@ -3621,7 +3621,9 @@ sctp_strike_gap_ack_chunks(struct sctp_tcb =
*stcb, stru
>>                                                    =
SCTP_SO_NOT_LOCKED);
>>                                        }
>>                                        /* Make sure to flag we had a =
FR */
>> -                                       tp1->whoTo->net_ack++;
>> +                                       if (tp1->whoTo !=3D NULL) {
>> +                                               =
tp1->whoTo->net_ack++;
>> +                                       }
>>                                        continue;
>>                                }
>>                        }
>>=20




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?30787D45-D97E-4AB0-9EA5-E2B003796D9B>