[PATCH cgi-io 02/12] Fix possible NULL dereference
Petr Štetiar
ynezz at true.cz
Mon Oct 12 08:37:08 EDT 2020
Fixes following issue as reported by GCC-10 static analyzer:
multipart_parser.c: In function ‘multipart_parser_init’:
multipart_parser.c:88:22: error: dereference of possibly-NULL ‘p’ [CWE-690] [-Werror=analyzer-possible-null-dereference]
88 | p->boundary_length = strlen(boundary);
| ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~
‘multipart_parser_init’: events 1-2
|
| 83 | multipart_parser* p = malloc(sizeof(multipart_parser) +
| | ^~~~~~~~~~~~~~~~
| | |
| | (1) this call could return NULL
|......
| 88 | p->boundary_length = strlen(boundary);
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (2) ‘p’ could be NULL: unchecked value from (1)
Signed-off-by: Petr Štetiar <ynezz at true.cz>
---
multipart_parser.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/multipart_parser.c b/multipart_parser.c
index ee82c82c8bfa..f1e1f38e1d71 100644
--- a/multipart_parser.c
+++ b/multipart_parser.c
@@ -84,6 +84,9 @@ multipart_parser* multipart_parser_init
strlen(boundary) +
strlen(boundary) + 9);
+ if (!p)
+ return NULL;
+
strcpy(p->multipart_boundary, boundary);
p->boundary_length = strlen(boundary);
More information about the openwrt-devel
mailing list