In file mpglib/interface.c, in function sync_buffer(PMPSTR mp, int free_match),
the static analyzer tool reports a "dereference before null check" issue in the following code:
    pos = buf->pos;
    for (i = 0; i < mp->bsize; i++) {
        /* get 4 bytes */
        b[0] = b[1];
        b[1] = b[2];
        b[2] = b[3];
        while (pos >= buf->size) {
            buf = buf->next;
            pos = buf->pos;
            if (!buf) {
                return -1;
                /* not enough data to read 4 bytes */
            }
        }
        b[3] = buf->pnt[pos];
        ++pos;
In the above code, buf is checked for null only after it has been dereferenced in the line pos = buf->pos;
which can result in a null pointer dereference.
So the null check should come before pos = buf->pos;
Please find attached patch.
Thanks!
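
The ordering described in the report, as an added example (this is not the attached patch and not LAME's code): a 4-byte read across a chained buffer in which the pointer is tested before it is dereferenced. The `struct chunk` type, `read4` and the `demo*` helpers are hypothetical names, and the input chain is constructed for the example.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical, simplified stand-in for the mpglib buffer chain. */
struct chunk {
    const unsigned char *pnt; /* chunk data */
    long size;                /* bytes available in pnt */
    long pos;                 /* current read offset */
    struct chunk *next;       /* NULL at the end of the chain */
};

/* Read 4 bytes across the chain into out[]. Returns 0 on success,
 * -1 when the chain runs out of data first. */
int read4(const struct chunk *buf, unsigned char out[4])
{
    long pos;
    int i;

    if (!buf)
        return -1;
    pos = buf->pos;
    for (i = 0; i < 4; i++) {
        while (pos >= buf->size) {
            buf = buf->next;
            if (!buf)          /* test the new pointer first ... */
                return -1;
            pos = buf->pos;    /* ... and only then dereference it */
        }
        out[i] = buf->pnt[pos++];
    }
    return 0;
}

/* Constructed input: "AB" -> empty chunk -> tail. */
int demo(const char *tail, unsigned char out[4])
{
    struct chunk c = { (const unsigned char *)tail, (long)strlen(tail), 0, NULL };
    struct chunk b = { (const unsigned char *)"", 0, 0, &c };
    struct chunk a = { (const unsigned char *)"AB", 2, 0, &b };
    return read4(&a, out);
}

int demo_ok(void)    /* 4 bytes available: returns 0 only if out == "ABCD" */
{
    unsigned char out[4];
    return demo("CD", out) == 0 && memcmp(out, "ABCD", 4) == 0 ? 0 : 1;
}

int demo_short(void) /* only 3 bytes in the chain: returns -1 */
{
    unsigned char out[4];
    return demo("C", out);
}
```

With the check and the assignment in the order shown in the report, the short chain would read `buf->pos` through a null pointer instead of returning -1.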