Date: Fri, 30 Apr 1999 15:29:28 -0700 (PDT) From: cpeterso@cs.washington.edu To: freebsd-gnats-submit@freebsd.org Subject: kern/11412: code typo in ip_fil.c: missing NULL checks for calls to malloc(), calloc(), and realloc(). Message-ID: <19990430222928.A419E14E57@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 11412 >Category: kern >Synopsis: code typo in ip_fil.c: missing NULL checks for calls to malloc(), calloc(), and realloc(). >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Apr 30 15:30:01 PDT 1999 >Closed-Date: >Last-Modified: >Originator: Christopher Peterson >Release: FreeBSD 3.1-RELEASE i386 >Organization: >Environment: >Description: The following calls to malloc(), calloc(), and realloc() do not check for a NULL return, indicating memory allocation failure. Also, if realloc() fails, the NULL return will overwrite the "ifneta" pointer, causing a memory leak! netinet/ip_fil.c (line 1150): malloc not checked for NULL; 17: ifneta = (struct ifnet**) malloc(sizeof(ifp) * 2); ifneta[1] = NULL; netinet/ip_fil.c (line 1152): calloc not checked for NULL; 17: ifneta[0] = (struct ifnet*)calloc(1, sizeof(*ifp)); netinet/ip_fil.c (line 1156): realloc overwrite src if NULL; 17: ifneta=(struct ifnet**)realloc(ifneta,(nifs+1)*sizeof(*ifa)) >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990430222928.A419E14E57>