Date: Tue, 11 Mar 2014 17:19:39 -0700
From: Conrad Meyer <cemeyer@uw.edu>
To: freebsd-hackers@freebsd.org
Cc: Conrad Meyer <conrad.meyer@isilon.com>, Jeffrey Roberson <jeff@freebsd.org>
Subject: [PATCH 1/5] vm/device_pager.c: dev_pager_alloc: 'size' must be non-zero
Message-ID: <1394583583-19023-2-git-send-email-conrad.meyer@isilon.com>
In-Reply-To: <1394583583-19023-1-git-send-email-conrad.meyer@isilon.com>
References: <1394583583-19023-1-git-send-email-conrad.meyer@isilon.com>
If size is zero, paddr is used uninitialized when assigning object1->pg_color. Found with Clang static analysis. Signed-off-by: Conrad Meyer <conrad.meyer@isilon.com> --- sys/vm/device_pager.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/sys/vm/device_pager.c b/sys/vm/device_pager.c index 13491ba..5125d20 100644 --- a/sys/vm/device_pager.c +++ b/sys/vm/device_pager.c @@ -135,6 +135,12 @@ cdev_pager_allocate(void *handle, enum obj_type tp, struct cdev_pager_ops *ops, if (foff & PAGE_MASK) return (NULL); + /* + * Size must be non-zero. + */ + if (size == 0) + return (NULL); + size = round_page(size); pindex = OFF_TO_IDX(foff + size); -- 1.8.5.3
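Review bot: The comment above the new `if (size == 0)` check in cdev_pager_allocate() only restates the condition. It should say why zero is rejected, i.e. that paddr would otherwise be read uninitialized when assigning object1->pg_color, as the commit message explains. The check also sits before `size = round_page(size);`, so it rejects only a literal zero. If a size that rounds to zero would reach the same uninitialized read, test the value after rounding instead, or initialize paddr at its declaration so the read is defined on every path. Lastly, the subject names dev_pager_alloc while the hunk header shows the change is in cdev_pager_allocate; the subject line should name the function actually modified.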