>Number: 144723
>Category: bin
>Synopsis: [patch] port over coverity SA NULL deref warning fix for
>hexdump(1) from NetBSD PR
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Mar 14 00:30:07 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Garrett Cooper
>Release: 9-CURRENT
>Organization:
Cisco Systems, Inc.
>Environment:
FreeBSD bayonetta.localdomain 9.0-CURRENT FreeBSD 9.0-CURRENT #2: Thu Mar 4
13:16:39 PST 2010
gcoo...@bayonetta.localdomain:/usr/obj/usr/src/sys/BAYONETTA amd64
>Description:
As noted in the commit log for revision 1.19 of parse.c in NetBSD's cvs:
Simplify the way the end of a singly linked list is followed (for adding items)
so it is more obvious that we aren't going to indirect through a null pointer.
Fixes coverty SID:101
>How-To-Repeat:
n/a
>Fix:
See attached patch.
Patch attached with submission follows:
Index: parse.c
===================================================================
--- parse.c (revision 205137)
+++ parse.c (working copy)
@@ -214,7 +214,6 @@
int nconv, prec;
size_t len;
- nextpr = NULL;
prec = 0;
for (fu = fs->nextfu; fu; fu = fu->nextfu) {
@@ -222,13 +221,9 @@
* Break each format unit into print units; each conversion
* character gets its own.
*/
+ nextpr = &fu->nextpr;
for (nconv = 0, fmtp = fu->fmt; *fmtp; nextpr = &pr->nextpr) {
- if ((pr = calloc(1, sizeof(PR))) == NULL)
- err(1, NULL);
- if (!fu->nextpr)
- fu->nextpr = pr;
- else
- *nextpr = pr;
+ *nextpr = pr;
/* Skip preceding text and up to the next % sign. */
for (p1 = fmtp; *p1 && *p1 != '%'; ++p1);
>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
