-
Notifications
You must be signed in to change notification settings - Fork 1.9k
Challenge: write a query to find this C NULL dereference #16516
catenacyber
started this conversation in
Ideas
-
The code is basically :
static void AllocAndProcessStep2(SomeStruct *r, otherargs...) {
// do not check r, and dereference it !!!
if (r->somefield) {
// do something
}
}
static SomeStruct * AllocAndProcessStep1(someargs) {
if (unlikelyButMayHappen(someargs)) {
return NULL;
}
SomeStruct * r = malloc(somesize);
if (r == NULL) {
return NULL;
}
// fill some r fields
return r;
}
static SomeStruct * AllocAndProcess(someargs) {
SomeStruct * r = AllocAndProcessStep1(someargs);
// do not check r
AllocAndProcessStep2(r, ...);
return r;
}
static void Parent() {
SomeStruct * r = AllocAndProcess(someargs);
if (r == NULL) {
// log error, etc...
return;
}
}
Beta Was this translation helpful? Give feedback.
All reactions
Replies: 1 comment
-
Trying something with #16524
Some interesting results, but most come from ignoring that allocations can fail...
Beta Was this translation helpful? Give feedback.
All reactions
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment