* Potentially invalid memory accesses in file drivers/iommu/intel-iommu.c
From: Shaobo @ 2017-07-19 23:51 UTC (permalink / raw)
To: iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA
Cc: dwmw2-wEGCiKHe2LqWVfeAwA7xHQ
Hi there,
My name is Shaobo He and I am a graduate student at the University of Utah.
I am using a static analysis tool to search for null pointer
dereferences and came across a couple of potentially invalid memory
accesses in the file drivers/iommu/intel-iommu.c. Function
`domain_get_iommu` can return a NULL pointer. There are four uses of
this function in the file drivers/iommu/intel-iommu.c:
1. In function `__intel_map_single`:
The return value is not NULL-checked.
2. In function `add_unmap`:
The return value is not NULL-checked.
3. In function `intel_unmap`:
The return value is not NULL-checked in its callees.
4. In function `intel_map_sg`:
The return value is not NULL-checked.
So I was wondering if the NULL condition is actually infeasible;
otherwise there seem to exist NULL pointer dereferences.
Best,
Shaobo
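
Added example, not part of the original message and not the kernel's code: a simplified C model of the pattern the report describes, a lookup that can return NULL and a caller written without and with the check. All `model_*` names, the reference-count layout and the `-ENODEV` return value are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_IOMMUS 4

/* Hypothetical stand-ins for illustration, not the kernel's structures. */
struct model_iommu  { int id; unsigned long maps; };
struct model_domain { unsigned int refcnt[MAX_IOMMUS]; };

struct model_iommu model_iommus[MAX_IOMMUS] = { {0, 0}, {1, 0}, {2, 0}, {3, 0} };

/* Assumed behaviour: return the first IOMMU the domain holds a reference
 * on, or NULL when the domain references none. */
struct model_iommu *model_domain_get_iommu(const struct model_domain *d)
{
    for (int i = 0; i < MAX_IOMMUS; i++)
        if (d->refcnt[i])
            return &model_iommus[i];
    return NULL;
}

/* The reported pattern: the result is dereferenced without a check, so a
 * NULL return becomes an invalid memory access. Shown only, never called. */
int model_map_unchecked(const struct model_domain *d)
{
    struct model_iommu *iommu = model_domain_get_iommu(d);
    iommu->maps++;
    return 0;
}

/* Defensive form: turn the NULL case into an error the caller can handle. */
int model_map_checked(const struct model_domain *d)
{
    struct model_iommu *iommu = model_domain_get_iommu(d);
    if (!iommu)
        return -ENODEV;
    iommu->maps++;
    return 0;
}

int main(void)
{
    struct model_domain empty = { {0} };             /* constructed input */
    struct model_domain attached = { {0, 0, 1, 0} }; /* constructed input */
    printf("empty domain:    %d\n", model_map_checked(&empty));
    printf("attached domain: %d\n", model_map_checked(&attached));
    return 0;
}
```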