On 11-04-2014 06:49, Fuchs, Andreas wrote:
> Disclaimer:
> I could not compile-test or runtime-test these patches right now. This is a 
> pure code-only review of the patches.
>
> If toKill was actually NULL, you'd already die on line
> 125:          previous->next = toKill->next;

Line 123 does a check on that one 'else if (previous && toKill) {'

> If get_context() or get_previous_context() can actually return NULL, I'd add 
> a return ERROR; right after those two functions.
> Otherwise, I guess coverity is just not intelligent enough. Still, a 
> NULL-check at the beginning right after the two getters is more logical (even 
> if it's only for coverity).
It doesn't return an error, because it's still tasked to unlock 
'tcs_ctx_lock', even if both returned contexts are NULL.
Check line 127 for that.

The person who created this code didn't do that (IMO), because it did 
want to separate the test in line 137, so it could be enclosed by the 
ifdef in line 135. Code legibility suffered for that.

>
> On Wednesday, 09.04.2014, 15:41 -0300, [email protected] wrote:
>> From: Richard Maciel <[email protected]>
>>
>> Related to coverity CID 10304.
>>
>> There was a possible code execution path, in function context_destroy
>> that has toKill pointer var with the NULL value.
>>
>> Signed-off-by: Richard Maciel <[email protected]>
>> ---
>>   src/tcs/tcs_context.c | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/src/tcs/tcs_context.c b/src/tcs/tcs_context.c
>> index 905567b..2072bdc 100644
>> --- a/src/tcs/tcs_context.c
>> +++ b/src/tcs/tcs_context.c
>> @@ -134,7 +134,7 @@ destroy_context(TCS_CONTEXT_HANDLE handle)
>>   
>>   #ifdef TSS_BUILD_TRANSP
>>      /* Free existing transport session if necessary */
>> -    if (toKill->transHandle)
>> +    if (toKill != NULL && toKill->transHandle)
>>              TCSP_FlushSpecific_Common(toKill->transHandle, TPM_RT_TRANS);
>>   #endif
>>   
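
Review bot: the added 'toKill != NULL' test guards only the dereference inside the TSS_BUILD_TRANSP block, so a build without that macro gets no NULL handling from this change, and any use of toKill further down in destroy_context (not visible in this hunk) stays unguarded. A single 'if (toKill == NULL)' check placed ahead of the #ifdef, after the point where tcs_ctx_lock has been released, would cover every later use and is easier to audit than per-use guards. The commit message also names the function context_destroy while the hunk header shows destroy_context; correcting that keeps the Coverity CID traceable to the right symbol.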
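
The pattern discussed in this thread (look up and unlink under the lock, release the lock on every path, then check for NULL once before any further use), as an added example that is not TrouSerS code. The struct, the function names and the counter standing in for tcs_ctx_lock are all hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-ins, not TrouSerS types or functions. */
struct ctx { int handle; int trans_handle; struct ctx *next; };

static struct ctx *ctx_list;   /* head of the context list */
static int lock_depth;         /* models tcs_ctx_lock: 1 while held */
static int flushed_handle;     /* last transport handle "flushed" */

static void ctx_lock(void)   { lock_depth++; }
static void ctx_unlock(void) { lock_depth--; }

/* Push a new context; returns 0 on success, -1 on allocation failure. */
int ctx_add(int handle, int trans_handle)
{
    struct ctx *c = malloc(sizeof(*c));
    if (c == NULL)
        return -1;
    c->handle = handle;
    c->trans_handle = trans_handle;
    ctx_lock();
    c->next = ctx_list;
    ctx_list = c;
    ctx_unlock();
    return 0;
}

/* Returns 0 if the context was destroyed, -1 if the handle is unknown. */
int ctx_destroy(int handle)
{
    struct ctx *prev = NULL, *kill;

    ctx_lock();
    for (kill = ctx_list; kill != NULL; prev = kill, kill = kill->next)
        if (kill->handle == handle)
            break;
    if (kill != NULL) {                 /* unlink only when found */
        if (prev != NULL)
            prev->next = kill->next;
        else
            ctx_list = kill->next;
    }
    ctx_unlock();                       /* single unlock, reached on every path */

    if (kill == NULL)                   /* one check covers all later uses */
        return -1;
    if (kill->trans_handle)
        flushed_handle = kill->trans_handle;  /* placeholder for the flush call */
    free(kill);
    return 0;
}
```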

