Possible NULL pointer dereference in async.c
|Reported by:||Martin Decky||Owned by:||Jiří Zárevúcky|
|Blocker for:||Depends on:|
There are several possible cases of NULL pointer dereference in async.c, e.g. due to async_send_fast() returning a zero AID (because of a failed malloc()) and subsequently dereferencing the AID as amsg_t in async_wait_for().
The problem needs to be mitigated either by using a blocking malloc() (but this might be complicated and deadlock-prone) or making all the "tail" functions such as async_wait_for() more robust.