Date: Thu, 01 Feb 2024 23:08:53 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 276770] Some potential NULL-pointer dereferences Message-ID: <bug-276770-227-zC9Y5VlZxS@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-276770-227@https.bugs.freebsd.org/bugzilla/> References: <bug-276770-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276770 --- Comment #2 from Qiushi <w290680224@gmail.com> --- Comment on attachment 248120 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D248120 The potential NULL dereferences The allocation functions that can return NULL pointer Potential Buggy Poi= nt=20=20 Potential buggy uses (the returned pointers are not properly checked) cam_simq_alloc sys/cam/cam_xpt.c +910 devq =3D cam_simq_alloc(16); nvme_allocate_request_vaddr sys/dev/nvme/nvme_ctrlr_cmd.c +39 req= =3D nvme_allocate_request_vaddr(payload, sizeof(struct nvme_controller_data), cb_fn, cb_arg); nvme_allocate_request_vaddr sys/dev/nvme/nvme_ctrlr_cmd.c +63 req= =3D nvme_allocate_request_vaddr(payload, sizeof(struct nvme_namespace_data), cb_fn, cb_arg); nvme_allocate_request_vaddr sys/dev/nvme/nvme_ctrlr_cmd.c +262 req= =3D nvme_allocate_request_vaddr(payload, payload_size, cb_fn, cb_arg); nvme_allocate_request_vaddr sys/dev/nvme/nvme_ctrlr.c +1256/+1259 req= =3D nvme_allocate_request_vaddr(buf->b_data, pt->len, nvme_pt_done, pt); devfs_alloc sys/kern/kern_conf.c +1331 ndev =3D devfs_alloc(MAKEDEV_WAITOK); --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-276770-227-zC9Y5VlZxS>