Hi, it was found by code analysis (Coverity). From static analysis log: Error: FORWARD_NULL (CWE-476): OpenIPMI-2.0.27/lib/control.c:434: var_compare_op: Comparing "control->entity" to null implies that "control->entity" might be null. OpenIPMI-2.0.27/lib/control.c:440: var_deref_model: Passing null pointer "control->entity" to "i_ipmi_entity_put", which dereferences it. # 438| control->oem_info_cleanup_handler(control, control->oem_info); # 439| # 440|-> i_ipmi_entity_put(control->entity); # 441| ipmi_mem_free(control); # 442| }
Error: FORWARD_NULL (CWE-476): OpenIPMI-2.0.27/lib/sensor.c:1043: var_compare_op: Comparing "sensor->entity" to null implies that "sensor->entity" might be null. OpenIPMI-2.0.27/lib/sensor.c:1049: var_deref_model: Passing null pointer "sensor->entity" to "i_ipmi_entity_put", which dereferences it. # 1047| sensor->oem_info_cleanup_handler(sensor, sensor->oem_info); # 1048| # 1049|-> i_ipmi_entity_put(sensor->entity); # 1050| ipmi_mem_free(sensor); # 1051| } Regards, Vaclav Dolezal Dne 27. 03. 19 v 13:34 Corey Minyard napsal(a): > On Tue, Mar 26, 2019 at 10:48:30AM +0100, Václav Doležal wrote: > > You don't give any information here about this. Was it a crash? > Was it found by code analysis? Is it theoretical? > > It's fine otherwise, but I would like the info if possible. > > -corey > >> Signed-off-by: Vaclav Dolezal <vdole...@redhat.com> >> --- >> lib/control.c | 4 +++- >> lib/sensor.c | 4 +++- >> 2 files changed, 6 insertions(+), 2 deletions(-) >> >> diff --git a/lib/control.c b/lib/control.c >> index 64df4dac..b3feefd2 100644 >> --- a/lib/control.c >> +++ b/lib/control.c >> @@ -437,7 +437,9 @@ control_final_destroy(ipmi_control_t *control) >> if (control->oem_info_cleanup_handler) >> control->oem_info_cleanup_handler(control, control->oem_info); >> >> - i_ipmi_entity_put(control->entity); >> + if (control->entity) >> + i_ipmi_entity_put(control->entity); >> + >> ipmi_mem_free(control); >> } >> >> diff --git a/lib/sensor.c b/lib/sensor.c >> index 96aef5f6..084522fb 100644 >> --- a/lib/sensor.c >> +++ b/lib/sensor.c >> @@ -1046,7 +1046,9 @@ sensor_final_destroy(ipmi_sensor_t *sensor) >> if (sensor->oem_info_cleanup_handler) >> sensor->oem_info_cleanup_handler(sensor, sensor->oem_info); >> >> - i_ipmi_entity_put(sensor->entity); >> + if (sensor->entity) >> + i_ipmi_entity_put(sensor->entity); >> + >> ipmi_mem_free(sensor); >> } >> >> -- >> 2.20.1 >> >> >> >> _______________________________________________ >> Openipmi-developer mailing list >> Openipmi-developer@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/openipmi-developer _______________________________________________ Openipmi-developer mailing list Openipmi-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openipmi-developer