
Opened 6 years ago

Last modified 3 years ago

#364 new defect

Possible NULL pointer dereference in async.c

Reported by: decky
Owned by: jermar
Priority: major
Milestone: 0.7.1
Component: helenos/lib/c
Version: mainline
Keywords:
Cc:
Blocker for:
Depends on:
See also:

Description

There are several possible cases of NULL pointer dereference in async.c, e.g. due to async_send_fast() returning a zero AID (because of a failed malloc()) and subsequently dereferencing the AID as amsg_t in async_wait_for().

The problem needs to be mitigated either by using a blocking malloc() (but this might be complicated and deadlock-prone) or making all the "tail" functions such as async_wait_for() more robust.
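
The failure path described above, as an added example that is not part of the ticket and not HelenOS code: a simplified C model in which the sender returns a zero handle when allocation fails, with a fragile wait function beside a hardened one. The `model_*` names, the `fail_alloc` hook, the struct layout and the choice of `ENOMEM` as the reported error are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Simplified stand-ins, not HelenOS source; names and fields are assumptions. */
typedef uintptr_t aid_t;                 /* opaque handle, 0 = no message */
typedef struct { int retval; } amsg_t;

static int fail_alloc;                   /* hook: simulate a failed malloc() */

/* Sender: returns a zero handle when the message record cannot be allocated. */
aid_t model_send(int answer)
{
    amsg_t *msg = fail_alloc ? NULL : malloc(sizeof(*msg));
    if (msg == NULL)
        return 0;
    msg->retval = answer;                /* the model answers immediately */
    return (aid_t) msg;
}

/* Fragile tail function: trusts the handle, so aid == 0 dereferences NULL. */
void model_wait_for_fragile(aid_t aid, int *retval)
{
    amsg_t *msg = (amsg_t *) aid;
    *retval = msg->retval;               /* NULL dereference when aid == 0 */
    free(msg);
}

/* Hardened tail function: a zero handle is reported as an error instead. */
int model_wait_for(aid_t aid, int *retval)
{
    if (aid == 0) {
        if (retval != NULL)
            *retval = ENOMEM;            /* assumed error code for the model */
        return ENOMEM;
    }
    amsg_t *msg = (amsg_t *) aid;
    if (retval != NULL)
        *retval = msg->retval;
    free(msg);
    return 0;
}

int main(void)
{
    int rv;
    fail_alloc = 1;                      /* force the failed-allocation path */
    return model_wait_for(model_send(7), &rv) == ENOMEM ? 0 : 1;
}
```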

Change History (2)

comment:1 Changed 5 years ago by jermar

  • Milestone changed from 0.5.0 to 0.5.1

Retargeting as this is not a regression from previous release.

comment:2 Changed 3 years ago by jermar

  • Milestone changed from 0.6.0 to 0.7.1