[jira] [Resolved] (TS-3865) CID 1317247 and 1317248: Null pointer dereference

Mon, 24 Aug 2015 08:39:06 -0700 

     [ 
https://issues.apache.org/jira/browse/TS-3865?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Susan Hinrichs resolved TS-3865.
--------------------------------
    Resolution: Fixed

Changed dynamic_cast to static_cast to avoid possibility of NULL.  Since we are 
calling allocate_vc from the specific factory, there should be no possibility 
of NULL.

> CID 1317247 and 1317248: Null pointer dereference
> -------------------------------------------------
>
>                 Key: TS-3865
>                 URL: https://issues.apache.org/jira/browse/TS-3865
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: HTTP
>            Reporter: Leif Hedstrom
>            Assignee: Susan Hinrichs
>             Fix For: 6.1.0
>
>
> I believe the is from c181e7eea93592:
> {code}
> New defect(s) Reported-by: Coverity Scan
> Showing 2 of 2 defect(s)
> ** CID 1317248:  Null pointer dereferences  (FORWARD_NULL)
> /iocore/net/UnixNetVConnection.cc: 1395 in 
> UnixNetVConnection::migrateToCurrentThread(Continuation *, EThread *)()
> ________________________________________________________________________________________________________
> *** CID 1317248:  Null pointer dereferences  (FORWARD_NULL)
> /iocore/net/UnixNetVConnection.cc: 1395 in 
> UnixNetVConnection::migrateToCurrentThread(Continuation *, EThread *)()
> 1389     
> 1390       // Create new VC:
> 1391       NetVConnection *new_vc = NULL;
> 1392       if (save_ssl) {
> 1393         new_vc = sslNetProcessor.allocate_vc(t);
> 1394         SSLNetVConnection *sslvc = dynamic_cast<SSLNetVConnection 
> *>(new_vc);
>    CID 1317248:  Null pointer dereferences  (FORWARD_NULL)
>    Passing null pointer "sslvc" to "populate", which dereferences it. (The 
> dereference happens because this is a virtual function call.)
> 1395         if (sslvc->populate(hold_con, cont, save_ssl) != EVENT_DONE) {
> 1396           sslvc->do_io_close();
> 1397           sslvc = NULL;
> 1398         }
> 1399         return sslvc;
> 1400         // Update the SSL fields
> ** CID 1317247:  Null pointer dereferences  (FORWARD_NULL)
> /iocore/net/UnixNetVConnection.cc: 1404 in 
> UnixNetVConnection::migrateToCurrentThread(Continuation *, EThread *)()
> ________________________________________________________________________________________________________
> *** CID 1317247:  Null pointer dereferences  (FORWARD_NULL)
> /iocore/net/UnixNetVConnection.cc: 1404 in 
> UnixNetVConnection::migrateToCurrentThread(Continuation *, EThread *)()
> 1398         }
> 1399         return sslvc;
> 1400         // Update the SSL fields
> 1401       } else {
> 1402         new_vc = netProcessor.allocate_vc(t);
> 1403         UnixNetVConnection *netvc = dynamic_cast<UnixNetVConnection 
> *>(new_vc);
>    CID 1317247:  Null pointer dereferences  (FORWARD_NULL)
>    Passing null pointer "netvc" to "populate", which dereferences it. (The 
> dereference happens because this is a virtual function call.)
> 1404         if (netvc->populate(hold_con, cont, save_ssl) != EVENT_DONE) {
> 1405           netvc->do_io_close();
> 1406           netvc = NULL;
> 1407         }
> 1408         return netvc;
> 1409       }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to