FreeBSD Bugzilla – Attachment 248120 Details for
Bug 276770
Some potential NULL-pointer dereferences
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
The potential NULL dereferences
PotentialNULLPointerDereferences.tsv (text/plain), 3.05 KB, created by
Qiushi
on 2024-02-01 21:36:26 UTC
(
hide
)
Description:
The potential NULL dereferences
Filename:
MIME Type:
Creator:
Qiushi
Created:
2024-02-01 21:36:26 UTC
Size:
3.05 KB
patch
obsolete
>The allocation functions that can return NULL pointer Potential Buggy Point Potential buggy uses (the returned pointers are not properly checked) >uma_zalloc sys/kern/sys_pipe.c +366 *p_pp = pp = uma_zalloc(pipe_zone, M_WAITOK); >uma_zalloc sys/kern/vfs_syscalls.c +1716 tmppath = uma_zalloc(namei_zone, M_WAITOK); >uma_zalloc sys/kern/kern_descrip.c +2126 fp = uma_zalloc(file_zone, M_WAITOK); >malloc sys/kern/sys_procdesc.c +213 pd = malloc(sizeof(*pd), M_PROCDESC, M_WAITOK | M_ZERO); >uma_zalloc sys/kern/kern_cpuset.c +584 ndomain = uma_zalloc(domainset_zone, M_WAITOK | M_ZERO); >uma_zalloc sys/kern/kern_cpuset.c +373 *setp = set = uma_zalloc(cpuset_zone, M_WAITOK | M_ZERO); >malloc sys/kern/sys_generic.c +1822/+1821 stp->st_free1 = malloc(sizeof(*stp->st_free1), M_SELFD, M_WAITOK|M_ZERO); >uma_zalloc sys/fs/nfsserver/nfs_nfsdport.c +813 cnp->cn_pnbuf = uma_zalloc(namei_zone, M_WAITOK); >uma_zalloc sys/fs/cd9660/cd9660_vnops.c +671 symname = uma_zalloc(namei_zone, M_WAITOK); >uma_zalloc sys/cam/scsi/scsi_pass.c +1571 kern_ptr = uma_zalloc(softc->pass_io_zone, M_WAITOK); >xpt_alloc_ccb sys/dev/tws/tws_cam.c +210 ccb = xpt_alloc_ccb(); >xpt_alloc_ccb sys/dev/mpt/mpt_raid.c +706 ccb = xpt_alloc_ccb(); >xpt_alloc_ccb sys/cam/cam_xpt.c +460 ccb = xpt_alloc_ccb(); >cam_simq_alloc sys/cam/cam_xpt.c +910 devq = cam_simq_alloc(16); >nvme_allocate_request_vaddr sys/dev/nvme/nvme_ctrlr_cmd.c +39 req = nvme_allocate_request_vaddr(payload, sizeof(struct nvme_controller_data), cb_fn, cb_arg); >nvme_allocate_request_vaddr sys/dev/nvme/nvme_ctrlr_cmd.c +63 req = nvme_allocate_request_vaddr(payload, sizeof(struct nvme_namespace_data), cb_fn, cb_arg); >nvme_allocate_request_vaddr sys/dev/nvme/nvme_ctrlr_cmd.c +262 req = nvme_allocate_request_vaddr(payload, payload_size, cb_fn, cb_arg); >nvme_allocate_request_vaddr sys/dev/nvme/nvme_ctrlr.c +1256/+1259 req = nvme_allocate_request_vaddr(buf->b_data, pt->len, nvme_pt_done, pt); >g_malloc sys/geom/geom_dev.c +359/+263 sc = g_malloc(sizeof(*sc), M_WAITOK | M_ZERO); >g_malloc sys/geom/part/g_part_ebr.c +644 buf = g_malloc(pp->sectorsize, M_WAITOK | M_ZERO); >g_malloc sys/geom/part/g_part.c +903 buf = g_malloc(pp->sectorsize, M_WAITOK | M_ZERO); >g_malloc sys/geom/part/g_part_gpt.c +711/+1217/+1225... table->hdr = g_malloc(sizeof(struct gpt_hdr), M_WAITOK | M_ZERO); >g_malloc sys/geom/part/g_part_bsd.c +214 table->bbarea = g_malloc(BBSIZE, M_WAITOK | M_ZERO); >g_malloc sys/geom/geom_disk.c +625 buf = g_malloc(DISK_IDENT_SIZE, M_WAITOK); >g_malloc sys/geom/geom_vfs.c +280 sc = g_malloc(sizeof(*sc), M_WAITOK | M_ZERO); >g_malloc sys/geom/geom_subr.c +753 hh = g_malloc(sizeof *hh, M_WAITOK | M_ZERO); >devfs_alloc sys/kern/kern_conf.c +1331 ndev = devfs_alloc(MAKEDEV_WAITOK); >if_alloc sys/net/if_gif.c +144 GIF2IFP(sc) = if_alloc(IFT_GIF); >if_alloc sys/net/if_ipsec.c +193/195 sc->ifp = ifp = if_alloc(IFT_TUNNEL); /sc = malloc(sizeof(*sc), M_IPSEC, M_WAITOK | M_ZERO); >if_alloc sys/dev/xen/netfront/netfront.c +2310 ifp = np->xn_ifp = if_alloc(IFT_ETHER); >sglist_alloc sys/dev/pci/pci_user.c +891 sg = sglist_alloc(1, M_WAITOK);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=248120">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 276770
: 248120