Author: araujo Date: Fri Jun 16 01:26:01 2017 New Revision: 319995 URL: https://svnweb.freebsd.org/changeset/base/319995
Log: Check if pthread_create(3) successfully created the thread prior to call pthread_join(3). The variable tid is not yet initialized in case the authentication fails at early stage, that would lead pthread_join be called with an uninitialized variable. CID: 1375950 Reported by: Coverity, cem Reviewed by: cem MFC after: 3 weeks. Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D11150 Modified: head/usr.sbin/bhyve/rfb.c Modified: head/usr.sbin/bhyve/rfb.c ============================================================================== --- head/usr.sbin/bhyve/rfb.c Fri Jun 16 00:44:23 2017 (r319994) +++ head/usr.sbin/bhyve/rfb.c Fri Jun 16 01:26:01 2017 (r319995) @@ -769,6 +769,7 @@ rfb_handle(struct rfb_softc *rc, int cfd) pthread_t tid; uint32_t sres = 0; int len; + int perror = 1; rc->cfd = cfd; @@ -878,8 +879,9 @@ rfb_handle(struct rfb_softc *rc, int cfd) rfb_send_screen(rc, cfd, 1); - pthread_create(&tid, NULL, rfb_wr_thr, rc); - pthread_set_name_np(tid, "rfbout"); + perror = pthread_create(&tid, NULL, rfb_wr_thr, rc); + if (perror == 0) + pthread_set_name_np(tid, "rfbout"); /* Now read in client requests. 1st byte identifies type */ for (;;) { @@ -915,7 +917,8 @@ rfb_handle(struct rfb_softc *rc, int cfd) } done: rc->cfd = -1; - pthread_join(tid, NULL); + if (perror == 0) + pthread_join(tid, NULL); if (rc->enc_zlib_ok) deflateEnd(&rc->zstream); } _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "[email protected]"
