From: Florian K. <fl...@ei...> - 2014-09-09 15:21:04
I know it's kinda late but I only got the results this afternoon...
3 things of relevance were found (and a bunch of things identifying
spots where tidying up is needed - but those can wait):
"coregrind/m_deduppoolalloc.c", line 115:
    ddpa->curpool_limit = NULL;
    ddpa->curpool_free = ddpa->curpool_limit + 1;
Arithmetic involving NULL is not allowed.
"coregrind/m_gdbserver/valgrind-low-arm64.c", line 188:
A break might be missing (above `case 34:').
As always, tools can never be sure...
"coregrind/m_syswrap/syswrap-generic.c", line 4123:
invalid operation involving NULL pointer
    if (ARG2 && // <--- evidence that ARG2 can be NULL
        ((struct vki_rlimit *)ARG2)->rlim_cur > ((struct vki_rlimit *)ARG2)->rlim_max) {
        SET_STATUS_Failure( VKI_EINVAL );
    }
    else if (arg1 == VKI_RLIMIT_NOFILE) {
        if (((struct vki_rlimit *)ARG2)->rlim_cur > VG_(fd_hard_limit) ||
If ARG2 == NULL and arg1 == VKI_RLIMIT_NOFILE then a NULL pointer will
be dereferenced. This also happens in several places a few lines
further down... 4133, 4143
Cheers,
Florian
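The syswrap-generic finding above, recast as a stand-alone C example (added here; not Valgrind's code or its eventual fix): the defective control flow beside a hardened version that rejects a NULL rlimit pointer once, before any field access. The struct, the VKI_RLIMIT_NOFILE value, fd_hard_limit, the EPERM policy for the elided branch and the EFAULT return are all assumptions.

```c
#include <errno.h>
#include <stddef.h>

/* Constructed stand-in for Valgrind's struct vki_rlimit; field names follow the e-mail. */
struct vki_rlimit {
    unsigned long rlim_cur;
    unsigned long rlim_max;
};

#define VKI_RLIMIT_NOFILE 7            /* assumed: Linux RLIMIT_NOFILE value */

static unsigned long fd_hard_limit = 1024;   /* hypothetical stand-in for VG_(fd_hard_limit) */

/* Constructed sample arguments. */
static const struct vki_rlimit sample_ok  = { 512,  1024 };   /* cur <= max, within hard limit */
static const struct vki_rlimit sample_bad = { 2048, 1024 };   /* cur > max: invalid */
static const struct vki_rlimit sample_big = { 4096, 8192 };   /* exceeds the fd hard limit */

/* Shape quoted in the e-mail: arg2 is guarded only in the first condition, so the
 * RLIMIT_NOFILE branch dereferences it unconditionally. Shown only to expose the
 * defective control flow; calling it with arg2 == NULL is undefined behaviour. */
static int setrlimit_check_buggy(unsigned long arg1, const struct vki_rlimit *arg2)
{
    if (arg2 && arg2->rlim_cur > arg2->rlim_max) {
        return EINVAL;
    } else if (arg1 == VKI_RLIMIT_NOFILE) {
        if (arg2->rlim_cur > fd_hard_limit ||     /* NULL dereference if arg2 == NULL */
            arg2->rlim_max > fd_hard_limit)       /* assumed continuation of the elided line */
            return EPERM;                         /* assumed policy */
    }
    return 0;
}

/* Hardened shape: the NULL check happens exactly once, ahead of every field access,
 * so no later branch can reach the pointer unchecked. EFAULT is an assumption about
 * what the real kernel would report for an unreadable rlimit argument. */
static int setrlimit_check_fixed(unsigned long arg1, const struct vki_rlimit *arg2)
{
    if (arg2 == NULL)
        return EFAULT;
    if (arg2->rlim_cur > arg2->rlim_max)
        return EINVAL;
    if (arg1 == VKI_RLIMIT_NOFILE &&
        (arg2->rlim_cur > fd_hard_limit || arg2->rlim_max > fd_hard_limit))
        return EPERM;
    return 0;
}
```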