Fork us on GitHub Follow us on Google+ Follow us on Facebook Follow us on Twitter

Opened 7 years ago

Last modified 4 months ago

#364 new defect

Possible NULL pointer dereference in async.c

Reported by: Martin Decky Owned by: Jakub Jermář
Priority: major Milestone:
Component: helenos/lib/c Version: mainline
Keywords: Cc:
Blocker for: Depends on:
See also:


There are several possible cases of NULL pointer dereference in async.c, e.g. due to async_send_fast() returning a zero AID (because of a failed malloc()) and subsequently dereferencing the AID as amsg_t in async_wait_for().

The problem needs to be mitigated either by using a blocking malloc() (but this might be complicated and deadlock-prone) or making all the "tail" functions such as async_wait_for() more robust.

Change History (3)

comment:1 Changed 6 years ago by Jakub Jermář


Retargeting as this is not a regression from previous release.

comment:2 Changed 4 years ago by Jakub Jermář


comment:3 Changed 4 months ago by Jakub Jermář

Milestone: 0.7.1
Note: See TracTickets for help on using tickets.