| Re: [chrony-dev] Alleged out of bounds read in cmdmon.c |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-dev Archives
]
On 08/05/14 14:19, Miroslav Lichvar wrote:
> On Tue, Aug 05, 2014 at 01:47:37PM +0200, Holger Hoffstätte wrote:
>> On 08/05/14 12:31, Miroslav Lichvar wrote:
>>> [1] http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-dev/2013/10/msg00011.html
>>
>> Why is the "potential null dereference" in sys_linux.c a false positive? If #365 yields null into pw, it will LOG_FATAL and then continue to fall through to #377 where the call to setgid will deref the still-null pw. No?
>
> LOG_FATAL calls exit(), it doesn't return. We could add "return 0" there
> to remove the warning, but there are still other 6 in the report.
Ha! I thought so, looked into logging.h and .. apparently missed the exit(). :(
Maybe __attribute__ ((noreturn)) will do the trick? IMHO it was made for that purpose.
-h
--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.