summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorcperciva <cperciva@FreeBSD.org>2008-08-04 07:01:42 +0000
committercperciva <cperciva@FreeBSD.org>2008-08-04 07:01:42 +0000
commitcebedc34981fc20851ec92c818884c42aec0d8ed (patch)
tree64fc0274a3dc8e6301a83f473edc163ba473da02
parent5b18df3c7320c50e7b637d1154acf50eb81c99e8 (diff)
downloadFreeBSD-src-cebedc34981fc20851ec92c818884c42aec0d8ed.zip
FreeBSD-src-cebedc34981fc20851ec92c818884c42aec0d8ed.tar.gz
Dereferencing uninitialized pointers considered harmful. Prior to this
commit, calling i386_parsedev(..., X, ...) where X is "ad", "bge", or any other disk or network device name without a unit number, would result in dereferencing whatever happened to be on the stack where the variable "cp" is stored. Found by: LLVM/Clang Static Checker
-rw-r--r--sys/boot/i386/libi386/devicename.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/sys/boot/i386/libi386/devicename.c b/sys/boot/i386/libi386/devicename.c
index 520fdb5..e1035aa 100644
--- a/sys/boot/i386/libi386/devicename.c
+++ b/sys/boot/i386/libi386/devicename.c
@@ -150,6 +150,8 @@ i386_parsedev(struct i386_devdesc **dev, const char *devspec, const char **path)
cp++;
}
}
+ } else {
+ cp = np;
}
if (*cp && (*cp != ':')) {
err = EINVAL;
@@ -173,6 +175,8 @@ i386_parsedev(struct i386_devdesc **dev, const char *devspec, const char **path)
err = EUNIT;
goto fail;
}
+ } else {
+ cp = np;
}
if (*cp && (*cp != ':')) {
err = EINVAL;
OpenPOWER on IntegriCloud