Date: Thu, 15 Sep 2016 09:53:30 +0000
From: Daniil Berendeev <pipfstarrd@openmailbox.org>
To: freebsd-hackers@FreeBSD.org
Subject: Multiple possible null-pointer dereferences
Message-ID: <614a3aa7-a903-23f5-33b8-c367f22cd454@openmailbox.org>

Hello, it's cppcheck guy again.

I'm digging through error messages, and there are lots of them related to null pointer dereferences. But I'm not sure if those should be considered as bugs and fixed. Maybe I'm missing a point?

Here are some common examples of what it looks like:

1) First snippet:

    static int dbd_freetds_end_transaction(apr_dbd_transaction_t *trans)
    {
        int dummy;
        if (trans) { // <-- Here we check whether trans is a valid pointer
            // skipped irrelevant code
        }
        // But here we dereference it without a fuss.
        return (trans->handle->err == SUCCEED) ? 0 : 1;
    }

2) Second snippet:

    static int dbd_oracle_end_transaction(apr_dbd_transaction_t *trans)
    {
        int ret = 1; /* no transaction is an error cond */
        sword status;
        // *** We dereference the pointer ***
        apr_dbd_t *handle = trans->handle;
        if (trans) { // <-- and check if it is valid after that, lol
        //...

3) Third snippet

    // *** Again, here we dereference the pointer ***
    assert(stab->n_type != N_FUN || (iidescp->ii_type != II_GFUN &&
        iidescp->ii_type != II_SFUN) || scope == 0);
    //...
    if (scope && stab->n_type != N_PSYM) {
        if (iidescp) // <-- and here check if it's valid
            iidesc_free(iidescp, NULL);

And there are tons (973 to be precise) of examples like these above. Should those be considered as bugs and be fixed, or are they fine?

-- 
Cheers~

PGP key fingerprint:
07B3 2177 3E27 BF41 DC65 CC95 BDA8 88F1 E9F9 CEEF

You can retrieve my public key at pgp.mit.edu.
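An added example, not part of the original message and not the APR or FreeBSD code: the check-after-dereference pattern from snippets 1 and 2 next to a form where the NULL contract is decided once at the top. The types `txn_t` and `txn_handle_t`, the `open` field and both function names are hypothetical stand-ins for the ones in the message.

```c
#include <stddef.h>

/* Hypothetical stand-ins for the types named in the message. */
#define SUCCEED 1

typedef struct txn_handle { int err; } txn_handle_t;
typedef struct txn { txn_handle_t *handle; int open; } txn_t;

/* Pattern from snippets 1 and 2, kept for comparison: the NULL test and the
 * dereference disagree. Passing NULL is undefined behaviour, and because the
 * pointer has already been dereferenced an optimising compiler is entitled
 * to treat the later test as always true and remove it. */
static int end_transaction_inconsistent(txn_t *trans)
{
    txn_handle_t *handle = trans->handle;   /* dereference first */
    if (trans) {                            /* check afterwards  */
        trans->open = 0;
    }
    return (handle->err == SUCCEED) ? 0 : 1;
}

/* Consistent form: validate every pointer before its first use. NULL is
 * reported as an error here (an assumption, following the "no transaction
 * is an error cond" comment in snippet 2). */
static int end_transaction_checked(txn_t *trans)
{
    if (trans == NULL || trans->handle == NULL)
        return 1;
    trans->open = 0;
    return (trans->handle->err == SUCCEED) ? 0 : 1;
}
```

If callers are guaranteed never to pass NULL, the other consistent fix is to delete the check and document the precondition, rather than keep a test that cannot protect the dereference.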