From 67533c11d2069bcf65a08a84e26fba900448f4ea Mon Sep 17 00:00:00 2001
From: Vincent JARDIN
Date: Mon, 9 Oct 2017 10:51:03 +0200
Subject: lib: linklist avoid access NULL->data Let's assert(NULL) if the datastructure is not set. The code assumes that the pointer is always non NULL. So, let's enforce this semantic.
Signed-off-by: Vincent Jardin
---
 lib/linklist.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/linklist.h b/lib/linklist.h
index 4a65fead8..8a43fbe64 100644
--- a/lib/linklist.h
+++ b/lib/linklist.h
@@ -56,7 +56,8 @@ struct list {
 #define listtail(X) ((X) ? ((X)->tail) : NULL)
 #define listcount(X) ((X)->count)
 #define list_isempty(X) ((X)->head == NULL && (X)->tail == NULL)
-#define listgetdata(X) (assert((X)->data != NULL), (X)->data)
+/* return X->data only if X and X->data are not NULL */
+#define listgetdata(X) (assert(X), assert((X)->data != NULL), (X)->data)
 /* Prototypes. */
 extern struct list *
--
cgit v1.2.3
From 3f58e1b3e79090f29f8b4b75bb529d54ba719c26 Mon Sep 17 00:00:00 2001
From: Vincent JARDIN
Date: Mon, 9 Oct 2017 12:32:05 +0200
Subject: lib: fix a64448ba, invalid NULL->num_labels We should assume match OK only when neither nhl1 and neither nhl2 are NULL. If both are NULL, it means match NOK. Clang Warning: Access to field 'num_labels' results in a dereference of a null pointer (loaded from variable 'nhl1')
Signed-off-by: Vincent Jardin
---
 lib/nexthop.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/nexthop.c b/lib/nexthop.c
index ea6a310a4..f6b2c9788 100644
--- a/lib/nexthop.c
+++ b/lib/nexthop.c
@@ -128,7 +128,7 @@ int nexthop_labels_match(struct nexthop *nh1, struct nexthop *nh2)
 nhl1 = nh1->nh_label;
 nhl2 = nh2->nh_label;
- if ((nhl1 && !nhl2) || (!nhl1 && nhl2))
+ if (!nhl1 || !nhl2)
 return 0;
 if (nhl1->num_labels != nhl2->num_labels)
--
cgit v1.2.3
From 43b798b7dd149782d9dbad58c1a849d6d528b1d2 Mon Sep 17 00:00:00 2001
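Review bot: In lib/linklist.h, the comment added above `listgetdata` says the macro returns X->data "only if" both pointers are non-NULL, but the new line aborts through assert() instead of returning conditionally. Both checks also compile away if the library is built with NDEBUG, which leaves the NULL dereference in place. The macro now expands X three times, so an argument with side effects is evaluated repeatedly. I would reword the comment to `/* asserts that X and X->data are non-NULL (no check under NDEBUG); X is evaluated more than once */`, or turn the macro into a static inline function that takes the node pointer once.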
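Review bot: In lib/nexthop.c, `if (!nhl1 || !nhl2)` makes nexthop_labels_match() report a mismatch when neither nexthop carries a label stack, which is the one case where the old condition fell through to the dereference. The commit message says this is intended, but the callers are outside the hunk, and any caller that uses the result as an equality test would now see two unlabeled nexthops as different. If equality is the wanted semantic, handle that case first with `if (!nhl1 && !nhl2) return 1;` (presumably 1 is the match value; confirm against the end of the function). Otherwise state the contract next to the check, for example `/* a nexthop without labels never matches, not even another unlabeled one */`. The function body starts and ends outside the hunk.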
From: Vincent JARDIN
Date: Mon, 9 Oct 2017 12:42:11 +0200
Subject: lib: fix NULL->field_len access Currenlty, this function is used only by: - unit test of csv.c (see its main() section) - ptm_lib.c In case of ptm, it is safe to return NULL because: csv_encode_record() -> return NULL _ptm_lib_encode_header() -> return NULL the only consumer of the return value is: ptm_lib_init_msg() that checks the NULL return. Warning: Access to field 'field_len' results in a dereference of a null pointer (loaded from variable 'fld')
Signed-off-by: Vincent Jardin
---
 lib/csv.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/lib/csv.c b/lib/csv.c
index 0ad5c74be..45582e309 100644
--- a/lib/csv.c
+++ b/lib/csv.c
@@ -284,6 +284,8 @@ csv_record_t *csv_encode_record(csv_t *csv, csv_record_t *rec, int count, ...)
 va_start(list, count);
 str = csv_field_iter(rec, &fld);
+ if (!fld)
+ return NULL;
 for (tempc = 0; tempc < count; tempc++) {
 col = va_arg(list, char *);
 for (i = 0; i < fld->field_len; i++) {
--
cgit v1.2.3
From d9ced40ab7bba90bbac0a5c1b8dca3bd741c845d Mon Sep 17 00:00:00 2001
From: Vincent JARDIN
Date: Mon, 9 Oct 2017 13:07:50 +0200
Subject: lib: fix wrong warning from clang The compiler cannot guess that rise() will not return here. One should help. Warning: Access to field 'file' results in a dereference of a null pointer (loaded from variable 'error') aka error->file while error is NULL.
Signed-off-by: Vincent Jardin
---
 lib/ferr.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/ferr.c b/lib/ferr.c
index 2a039d208..69aeb3db4 100644
--- a/lib/ferr.c
+++ b/lib/ferr.c
@@ -74,6 +74,7 @@ static ferr_r ferr_set_va(const char *file, int line, const char *func,
 /* we're screwed */
 zlog_err("out of memory while allocating error info");
 raise(SIGSEGV);
+ abort(); /* raise() can return, but raise(SIGSEGV) shall not */
 }
 pthread_setspecific(errkey, error);
--
cgit v1.2.3
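Review bot: In lib/csv.c, the new `return NULL;` in csv_encode_record() leaves the function after `va_start(list, count)` without a matching `va_end(list)`, which the C standard makes undefined behaviour. The early exit should release the va_list first: `if (!fld) {`, `va_end(list);`, `return NULL;`, then the closing brace. The start of the function is outside the hunk, so anything acquired before va_start should be checked for release on this path as well.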
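Review bot: In lib/ferr.c, the comment on the added `abort();` says raise(SIGSEGV) "shall not" return, but raise() does return when SIGSEGV is ignored or caught by a handler that returns. In those cases abort() is the statement that actually keeps a NULL `error` from reaching the code below, so the analyzer warning was not purely spurious. I would word the comment as `abort(); /* raise(SIGSEGV) returns if the signal is ignored or its handler returns */`. ferr_set_va() begins and ends outside the hunk, so how SIGSEGV is handled in this process cannot be confirmed from here.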