Kevux Git Server - fll/commit
Security: NULL pointer dereference in writer due to pipe function result handling.
author Kevin Day <kevin@kevux.org>
Thu, 26 Jan 2023 00:56:36 +0000 (18:56 -0600)
committer Kevin Day <kevin@kevux.org>
Thu, 26 Jan 2023 00:56:36 +0000 (18:56 -0600)
commit ce7d8e385d3518b752d262420bb477c4e2f0f549
tree 955a6364508ddd095441c272df89c0d08b3bce71
parent 3964e725a4ced29e738110847749b1bfef9368c9
Security: NULL pointer dereference in writer due to pipe function result handling.

The GCC -fanalyzer parameter helped me discover this one.

The status_pipe is being read and processed.
There is a case where the status_pipe is being set but it is not being reset after handling.
In a later loop the pipe does not get read but the previously set state is used bringing the code into a bad state.
Then the loop doesn't do the block buffer used check and this results in the eventual NULL dereference.
level_3/fss_basic_list_write/c/private-write.c
level_3/fss_basic_write/c/private-write.c
level_3/fss_embedded_list_write/c/private-write.c
level_3/fss_extended_list_write/c/private-write.c
level_3/fss_extended_write/c/private-write.c
level_3/fss_payload_write/c/private-write.c