Disclaimer: I could not complie-test or runtime-test these patches right now. This is a pure code-only review of the patches.
src/tcs/tcsi_ps.c: This seems to be correct, though I'd instead move the free into the braces, where the malloc is guaranteed to have initialized the pubkey.key-field. src/tspi/rpc/tcstp/rpc.c: This is actually unnecessary, since for rv != 0, res is set to NULL in the rv-handler. If it makes the code-scanner happy, the patch is ok, but I'd remove line 486 "res = NULL;" from the rv-handler Am Mittwoch, den 09.04.2014, 15:41 -0300 schrieb [email protected]: > From: Richard Maciel <[email protected]> > > Related to coverit CIDs 10326 and 10323 > > In both cases proper pointer initialization was not > made, so, in some cases, the code could free the value of a > unitialized pointer. > > Signed-off-by: Richard Maciel <[email protected]> > --- > src/tcs/tcsi_ps.c | 2 ++ > src/tspi/rpc/tcstp/rpc.c | 2 +- > 2 files changed, 3 insertions(+), 1 deletion(-) > > diff --git a/src/tcs/tcsi_ps.c b/src/tcs/tcsi_ps.c > index 87db219..e7f6245 100644 > --- a/src/tcs/tcsi_ps.c > +++ b/src/tcs/tcsi_ps.c > @@ -610,6 +610,8 @@ > TCSP_GetRegisteredKeyByPublicInfo_Internal(TCS_CONTEXT_HANDLE tcsContext, /* > in > TCPA_STORE_PUBKEY pubKey; > TSS_RESULT result = TCSERR(TSS_E_FAIL); > > + pubKey.key = NULL; > + > if ((result = ctx_verify_context(tcsContext))) > return result; > > diff --git a/src/tspi/rpc/tcstp/rpc.c b/src/tspi/rpc/tcstp/rpc.c > index afe1844..b54ca2f 100644 > --- a/src/tspi/rpc/tcstp/rpc.c > +++ b/src/tspi/rpc/tcstp/rpc.c > @@ -462,7 +462,7 @@ TSS_RESULT > get_socket(struct host_table_entry *hte, int *sd) > { > char port_str[TCP_PORT_STR_MAX_LEN]; // To accomodate string 65535 > - struct addrinfo hints, *res, *p; > + struct addrinfo hints, *p, *res=NULL; > int rv; > TSS_RESULT result = TSS_SUCCESS; > ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
