Hi,
it was found by code analysis (Coverity). From static analysis log:

Error: FORWARD_NULL (CWE-476):
OpenIPMI-2.0.27/lib/control.c:434: var_compare_op: Comparing "control->entity" 
to null implies that "control->entity" might be null.
OpenIPMI-2.0.27/lib/control.c:440: var_deref_model: Passing null pointer 
"control->entity" to "i_ipmi_entity_put", which dereferences it.
#  438|         control->oem_info_cleanup_handler(control, control->oem_info);
#  439|   
#  440|->     i_ipmi_entity_put(control->entity);
#  441|       ipmi_mem_free(control);
#  442|   }

Error: FORWARD_NULL (CWE-476):
OpenIPMI-2.0.27/lib/sensor.c:1043: var_compare_op: Comparing "sensor->entity" 
to null implies that "sensor->entity" might be null.
OpenIPMI-2.0.27/lib/sensor.c:1049: var_deref_model: Passing null pointer 
"sensor->entity" to "i_ipmi_entity_put", which dereferences it.
# 1047|         sensor->oem_info_cleanup_handler(sensor, sensor->oem_info);
# 1048|   
# 1049|->     i_ipmi_entity_put(sensor->entity);
# 1050|       ipmi_mem_free(sensor);
# 1051|   }

Regards,
Vaclav Dolezal


Dne 27. 03. 19 v 13:34 Corey Minyard napsal(a):
> On Tue, Mar 26, 2019 at 10:48:30AM +0100, Václav Doležal wrote:
> 
> You don't give any information here about this.  Was it a crash?
> Was it found by code analysis?  Is it theoretical?
> 
> It's fine otherwise, but I would like the info if possible.
> 
> -corey
> 
>> Signed-off-by: Vaclav Dolezal <vdole...@redhat.com>
>> ---
>>  lib/control.c | 4 +++-
>>  lib/sensor.c  | 4 +++-
>>  2 files changed, 6 insertions(+), 2 deletions(-)
>>
>> diff --git a/lib/control.c b/lib/control.c
>> index 64df4dac..b3feefd2 100644
>> --- a/lib/control.c
>> +++ b/lib/control.c
>> @@ -437,7 +437,9 @@ control_final_destroy(ipmi_control_t *control)
>>      if (control->oem_info_cleanup_handler)
>>      control->oem_info_cleanup_handler(control, control->oem_info);
>>  
>> -    i_ipmi_entity_put(control->entity);
>> +    if (control->entity)
>> +        i_ipmi_entity_put(control->entity);
>> +
>>      ipmi_mem_free(control);
>>  }
>>  
>> diff --git a/lib/sensor.c b/lib/sensor.c
>> index 96aef5f6..084522fb 100644
>> --- a/lib/sensor.c
>> +++ b/lib/sensor.c
>> @@ -1046,7 +1046,9 @@ sensor_final_destroy(ipmi_sensor_t *sensor)
>>      if (sensor->oem_info_cleanup_handler)
>>      sensor->oem_info_cleanup_handler(sensor, sensor->oem_info);
>>  
>> -    i_ipmi_entity_put(sensor->entity);
>> +    if (sensor->entity)
>> +        i_ipmi_entity_put(sensor->entity);
>> +
>>      ipmi_mem_free(sensor);
>>  }
>>  
>> -- 
>> 2.20.1
>>
>>
>>
>> _______________________________________________
>> Openipmi-developer mailing list
>> Openipmi-developer@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/openipmi-developer


_______________________________________________
Openipmi-developer mailing list
Openipmi-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openipmi-developer

Reply via email to