Hi there,
My name is Shaobo He and I am a graduate student at University of Utah.
I am using a static analysis tool to search for null pointer
dereferences and came across a couple of potentially invalid memory
accesses in the file drivers/message/fusion/mptbase.c: in function
`mpt_turbo_reply`, variable `mf` is initialized to NULL. If the case
`MPI_CONTEXT_REPLY_TYPE_SCSI_TARGET` is taken, then `mf` is not updated
to a non-NULL value and then may get dereferenced in function
`mpt_free_msg_frame`. However, there are a couple of conditions that can
make the error path infeasible. I was wondering if you could confirm
this.
Please let me know if it makes sense. I am looking forward to your
reply.
Best,
Shaobo
- Potentially invalid memory accesses drivers/message/fusion... Shaobo
-
