Bug 158339 - [rpc] [patch] replay_alloc() could dereference a null pointer...
Summary: [rpc] [patch] replay_alloc() could dereference a null pointer...
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: Unspecified
Hardware: Any Any
: Normal Affects Only Me
Assignee: Pawel Jakub Dawidek
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-06-27 13:30 UTC by Greg Becker
Modified: 2018-10-02 19:27 UTC (History)
1 user (show)

See Also:
bugmeister: mfc-stable10?
bugmeister: mfc-stable9?
bugmeister: mfc-stable8?

Attachments
file.diff (659 bytes, patch)
2011-06-27 13:30 UTC, Greg Becker 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Greg Becker 2011-06-27 13:30:09 UTC 
relay_alloc() (in src/sys/rpc/replay.c) calls malloc() with the M_NOWAIT
flag, then proceeds to assume the pointer returned by malloc() is not
NULL.  This could cause a panic in a situation in which malloc() cannot
satisfy the request.

Fix: Check the return code from malloc().  See attached patch.

Patch attached with submission follows:
Comment 1 Gleb Smirnoff freebsd_committer freebsd_triage 2011-06-28 13:58:50 UTC 
State Changed
From-To: open->patched

This had been already fixed in head/ by pjd.
Comment 2 Gleb Smirnoff freebsd_committer freebsd_triage 2011-06-28 13:58:50 UTC 
Responsible Changed
From-To: freebsd-bugs->pjd

This had been already fixed in head/ by pjd.
Comment 3 Ed Maste freebsd_committer freebsd_triage 2018-10-02 19:27:01 UTC 
Fixed by r211853