| Re: [chrony-dev] [sdl-chrony] DEREF_OF_NULL.RET.STAT in UTI_OpenFile function |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-dev Archives
]
- To: chrony-dev@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [chrony-dev] [sdl-chrony] DEREF_OF_NULL.RET.STAT in UTI_OpenFile function
- From: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
- Date: Wed, 11 Oct 2023 09:28:10 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1697009300; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Zpr2IbvN87cMdtMKOGwyQC8Xl2uXEGEPFaQ+MLLyAVc=; b=NlBjvzYE6u/V3bIW1wy63gB7RZ3euv9SypJdJe2GCrl6P6I/RWK/X7xPc6fc3MZR1jQUlh XtofD3OO1+Dv48ALO5NrC0/N21mvXAlecVvlK1IuXcfQz8jAuB7iaG1jyikZchakJSsLsu SLTKmsQomeePOy9KtpjBHbY6rh1ecvw=
On Tue, Oct 10, 2023 at 09:36:45PM +0300, Елена Быханова wrote:
> While analyzing the program code, we found the following: DEREF_OF_NULL in conf.c .
> Return value of a function 'UTI_OpenFile' is dereferenced at conf.c:515 without checking for NULL .
> The only difference between these cases is the register of the transmitted value. However, the research did not reveal any reasons for skipping the check in the case of uppercase letters .
The reason is explained in util.h:
The following modes are supported (if the mode is an uppercase character,
errors are fatal):
That is, with an uppercase mode the function doesn't return NULL. If
the file cannot be opened, the process is terminated instead. There is
no need to check the return value.
--
Miroslav Lichvar
--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.