From owner-freebsd-hackers@FreeBSD.ORG Wed Mar 12 00:20:07 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DDC0240B for ; Wed, 12 Mar 2014 00:20:07 +0000 (UTC) Received: from mail-pd0-f176.google.com (mail-pd0-f176.google.com [209.85.192.176]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B3EC6877 for ; Wed, 12 Mar 2014 00:20:07 +0000 (UTC) Received: by mail-pd0-f176.google.com with SMTP id r10so280501pdi.35 for ; Tue, 11 Mar 2014 17:20:01 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=hIsvAHgY1HgDge4bgUpczyXbmZBjKu2XgUCZ3e5zIio=; b=QwNhK9qLr0PIEwFap5DtZ+V5Ee45SrviTlcZTGq8D4ZFilIoy/M2D+L5pptDCBLrSG 4yx/6xRaKcfpk4vxk3Dv4D/6uRhB9tgjqcsjBtoqdE1N4ICvkFS7OB4gKanJiEDuo5De rN3dhiBkJenmur0hYpVdkM/UQ7tPP+zqjSnJnJahHe1CRM4T5iaaXgq+ZVk1we2Jnq3c 2Ywc0bdVssM9WUDaPi9bLbEK9Kz2HiHbRnvhNUfl/UKiPD9VRuwCt5DmtEiZylDi/olb KPbiecO2n7RwuWmgYMfOkSi1L2uasP/KKsK3gHW8xA3q6o3+9CYfaNQaHBIVHL2lNUJl MYWg== X-Gm-Message-State: ALoCoQnZdEm2goL8Rkj8K9gTW4M/f4nSGAKt29JhDXukGOGn3LMcD8qoOTNwRWpSdqMTFZ/JPm+o X-Received: by 10.68.93.132 with SMTP id cu4mr1152454pbb.129.1394583600968; Tue, 11 Mar 2014 17:20:00 -0700 (PDT) Received: from cmeyer.west.isilon.com (c-67-182-131-225.hsd1.wa.comcast.net. [67.182.131.225]) by mx.google.com with ESMTPSA id jd5sm1276051pbb.18.2014.03.11.17.19.59 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 11 Mar 2014 17:19:59 -0700 (PDT) From: Conrad Meyer To: freebsd-hackers@freebsd.org Subject: [PATCH 1/5] vm/device_pager.c: dev_pager_alloc: 'size' must be non-zero Date: Tue, 11 Mar 2014 17:19:39 -0700 Message-Id: <1394583583-19023-2-git-send-email-conrad.meyer@isilon.com> X-Mailer: git-send-email 1.8.5.3 In-Reply-To: <1394583583-19023-1-git-send-email-conrad.meyer@isilon.com> References: <1394583583-19023-1-git-send-email-conrad.meyer@isilon.com> X-Mailman-Approved-At: Wed, 12 Mar 2014 02:10:11 +0000 Cc: Conrad Meyer , Jeffrey Roberson X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Mar 2014 00:20:07 -0000 If size is zero, paddr is used uninitialized when assigning object1->pg_color. Found with Clang static analysis. Signed-off-by: Conrad Meyer --- sys/vm/device_pager.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/sys/vm/device_pager.c b/sys/vm/device_pager.c index 13491ba..5125d20 100644 --- a/sys/vm/device_pager.c +++ b/sys/vm/device_pager.c @@ -135,6 +135,12 @@ cdev_pager_allocate(void *handle, enum obj_type tp, struct cdev_pager_ops *ops, if (foff & PAGE_MASK) return (NULL); + /* + * Size must be non-zero. + */ + if (size == 0) + return (NULL); + size = round_page(size); pindex = OFF_TO_IDX(foff + size); -- 1.8.5.3