Page MenuHomeFreeBSD

Fix undefined behavior when using asmc_fan_getstring()
ClosedPublic

Authored by uqs on Dec 30 2015, 12:08 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Dec 16, 5:16 AM
Unknown Object (File)
Nov 22 2024, 10:42 PM
Unknown Object (File)
Oct 15 2024, 1:22 PM
Unknown Object (File)
Oct 15 2024, 1:11 PM
Unknown Object (File)
Oct 1 2024, 5:38 PM
Unknown Object (File)
Sep 29 2024, 3:05 AM
Unknown Object (File)
Sep 27 2024, 12:15 AM
Unknown Object (File)
Sep 26 2024, 4:22 PM
Subscribers

Details

Reviewers
rpaulo
ed
Summary

It was returning a pointer to stack-allocated memory, so make the
allocation at the caller instead.

Found by: clang static analyzer

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 1948
Build 1955: arc lint + arc unit

Event Timeline

uqs retitled this revision from to Fix undefined behavior when using asmc_fan_getstring().
uqs updated this object.
uqs edited the test plan for this revision. (Show Details)
uqs added a reviewer: rpaulo.
ed added a reviewer: ed.
ed added a subscriber: ed.
ed added inline comments.
sys/dev/asmc/asmc.c
966

Maybe use size_t buflen? If asmc_key_read() uses int anyway, just leave it the way it is.

1020

sizeof(buf) per style(9).

This revision is now accepted and ready to land.Jan 4 2016, 8:52 PM
uqs edited edge metadata.
uqs marked an inline comment as done.

Change type and style(9)

This revision now requires review to proceed.Jan 4 2016, 9:12 PM
ed edited edge metadata.
This revision is now accepted and ready to land.Jan 4 2016, 9:20 PM
rpaulo edited edge metadata.

committed

sys/dev/asmc/asmc.c
966

Yeah, I of course had size_t first, but realistically a char would suffice. I wanted to keep it as a 32bit int for the minor savings for LP64 platforms.

http://bxr.su/FreeBSD/sys/dev/asmc/asmc.c#717

asmc_key_read(device_t dev, const char *key, uint8_t *buf, uint8_t len)

so maybe use uint8_t as well?