New Defects reported by Coverity Scan for NetBSD-amd64-kernel

Subject: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
From: scan-admin%coverity.com@localhost
Date: Tue, 19 Aug 2014 03:18:01 -0700

Hi,


Please find the latest report on new defect(s) introduced to 
NetBSD-amd64-kernel found with Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1231861:  Explicit null dereferenced  (FORWARD_NULL)
/sys/netinet/tcp_usrreq.c: 1226 in tcp_disconnect1()

** CID 1231863:  Dereference before null check  (REVERSE_INULL)
/sys/kern/uipc_usrreq.c: 1316 in unp_disconnect1()

** CID 1231864:  Dereference before null check  (REVERSE_INULL)
/sys/netbt/hci_socket.c: 425 in hci_send_pcb()


________________________________________________________________________________________________________
*** CID 1231861:  Explicit null dereferenced  (FORWARD_NULL)
/sys/netinet/tcp_usrreq.c: 1226 in tcp_disconnect1()
1220     #endif
1221            else
1222                    so = NULL;
1223     
1224            if (TCPS_HAVEESTABLISHED(tp->t_state) == 0)
1225                    tp = tcp_close(tp);
>>>     CID 1231861:  Explicit null dereferenced  (FORWARD_NULL)
>>>     Dereferencing null pointer "so".
1226            else if ((so->so_options & SO_LINGER) && so->so_linger == 0)
1227                    tp = tcp_drop(tp, 0);
1228            else {
1229                    soisdisconnecting(so);
1230                    sbflush(&so->so_rcv);
1231                    tp = tcp_usrclosed(tp);

________________________________________________________________________________________________________
*** CID 1231863:  Dereference before null check  (REVERSE_INULL)
/sys/kern/uipc_usrreq.c: 1316 in unp_disconnect1()
1310                    if (unp2->unp_refs == unp)
1311                            unp2->unp_refs = unp->unp_nextref;
1312                    else {
1313                            unp2 = unp2->unp_refs;
1314                            for (;;) {
1315                                    KASSERT(solocked2(so, 
unp2->unp_socket));
>>>     CID 1231863:  Dereference before null check  (REVERSE_INULL)
>>>     Null-checking "unp2" suggests that it may be null, but it has already 
>>> been dereferenced on all paths leading to the check.
1316                                    if (unp2 == 0)
1317                                            panic("unp_disconnect1");
1318                                    if (unp2->unp_nextref == unp)
1319                                            break;
1320                                    unp2 = unp2->unp_nextref;
1321                            }

________________________________________________________________________________________________________
*** CID 1231864:  Dereference before null check  (REVERSE_INULL)
/sys/netbt/hci_socket.c: 425 in hci_send_pcb()
419     
420             return 0;
421     
422     bad:
423             DPRINTF("packet (%d bytes) not sent (error %d)\n",
424                             m->m_pkthdr.len, err);
>>>     CID 1231864:  Dereference before null check  (REVERSE_INULL)
>>>     Null-checking "m" suggests that it may be null, but it has already been 
>>> dereferenced on all paths leading to the check.
425             if (m) m_freem(m);
426             return err;
427     }
428     
429     static int
430     hci_attach(struct socket *so, int proto)


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/1447?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py

Prev by Date: New Defects reported by Coverity Scan for NetBSD-i386-user
Next by Date: New Defects reported by Coverity Scan for NetBSD-amd64-user
Previous by Thread: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
Next by Thread: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
Indexes:

Home | Main Index | Thread Index | Old Index