Hi there,
My name is Shaobo He and I am a graduate student at University of Utah.
I am using a static analysis tool to search for null pointer
dereferences and came across a couple of potentially invalid memory
accesses in the file drivers/iommu/intel-iommu.c. Function
`domain_get_iommu` can return a NULL pointer. There are four uses of
this function in the file drivers/iommu/intel-iommu.c:
1. In function `__intel_map_single:
The return value is not NULL-checked.
2. In function `add_unmap`:
The return value is not NULL-checked.
3. In function `intel_unmap`:
The return value is not NULL-checked in its callees.
4. In function `intel_map_sg`:
The return value is not NULL-checked.
So I was wondering if the NULL condition is actually infeasible
otherwise there seems to exist NULL pointer dereferences.
Best,
Shaobo
_______________________________________________
iommu mailing list
[email protected]
https://lists.linuxfoundation.org/mailman/listinfo/iommu
