[PATCH] [sunrpc] Fix possible null-pointer dereference.
Dmitry Chestnyh
d.chestnyh@omp.ru
Thu Mar 31 14:10:48 GMT 2022
This issue was found by SVACE static analyzer.
In clntunix_call function there are no
obvious checks of xdr_results ptr value.
And seems that we can't be sure that this pointer
isn't NULL.
---
sunrpc/clnt_unix.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/sunrpc/clnt_unix.c b/sunrpc/clnt_unix.c
index 33a02cc8af..ef8ef5fb4d 100644
--- a/sunrpc/clnt_unix.c
+++ b/sunrpc/clnt_unix.c
@@ -44,6 +44,7 @@
* Now go hang yourself.
*/
+#include <assert.h>
#include <netdb.h>
#include <errno.h>
#include <stdio.h>
@@ -278,6 +279,7 @@ call_again:
_seterr_reply (&reply_msg, &(ct->ct_error));
if (ct->ct_error.re_status == RPC_SUCCESS)
{
+ assert(xdr_results != NULL);
if (!AUTH_VALIDATE (h->cl_auth, &reply_msg.acpted_rply.ar_verf))
{
ct->ct_error.re_status = RPC_AUTHERROR;
--
2.25.1
More information about the Libc-alpha
mailing list