Date: Sun, 6 May 2018 21:55:10 +0200 From: Michael Tuexen <tuexen@freebsd.org> To: cem@freebsd.org Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r333304 - head/sys/netinet Message-ID: <30787D45-D97E-4AB0-9EA5-E2B003796D9B@freebsd.org> In-Reply-To: <CAG6CVpWM2zA4NbvPmCHJ4Q7VBG2eVErwvZVXenNyu1CLWPYRag@mail.gmail.com> References: <201805061419.w46EJpj3094778@repo.freebsd.org> <CAG6CVpWM2zA4NbvPmCHJ4Q7VBG2eVErwvZVXenNyu1CLWPYRag@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 6. May 2018, at 19:09, Conrad Meyer <cem@FreeBSD.org> wrote: >=20 > FYI, Coverity can detect this kind of issue scanning the kernel (not > just usrsctp). It was detected as CID 1385266 on FreeBSD's Coverity > Scan. That is correct. I just had problems in getting access to the FreeBSD page, so I didn't know the number. This has now been resolved. Best regards Michael >=20 > Best, > Conrad >=20 > On Sun, May 6, 2018 at 7:19 AM, Michael Tuexen <tuexen@freebsd.org> = wrote: >> Author: tuexen >> Date: Sun May 6 14:19:50 2018 >> New Revision: 333304 >> URL: https://svnweb.freebsd.org/changeset/base/333304 >>=20 >> Log: >> Ensure we are not dereferencing a NULL pointer. >>=20 >> This was found by Coverity scanning the usrsctp stack (CID 203808). >>=20 >> MFC after: 3 days >>=20 >> Modified: >> head/sys/netinet/sctp_indata.c >>=20 >> Modified: head/sys/netinet/sctp_indata.c >> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D >> --- head/sys/netinet/sctp_indata.c Sun May 6 13:59:56 2018 = (r333303) >> +++ head/sys/netinet/sctp_indata.c Sun May 6 14:19:50 2018 = (r333304) >> @@ -3621,7 +3621,9 @@ sctp_strike_gap_ack_chunks(struct sctp_tcb = *stcb, stru >> = SCTP_SO_NOT_LOCKED); >> } >> /* Make sure to flag we had a = FR */ >> - tp1->whoTo->net_ack++; >> + if (tp1->whoTo !=3D NULL) { >> + = tp1->whoTo->net_ack++; >> + } >> continue; >> } >> } >>=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?30787D45-D97E-4AB0-9EA5-E2B003796D9B>