From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailout.scc.kit.edu (mailout.scc.kit.edu [129.13.185.202]) by krisdoz.my.domain (8.14.5/8.14.5) with ESMTP id r4IHsa3L024232 for ; Sat, 18 May 2013 13:54:36 -0400 (EDT) Received: from hekate.usta.de (asta-nat.asta.uni-karlsruhe.de [172.22.63.82]) by scc-mailout-02.scc.kit.edu with esmtp (Exim 4.72 #1) id 1UdlL1-0004gW-Jm; Sat, 18 May 2013 19:54:35 +0200 Received: from donnerwolke.usta.de ([172.24.96.3]) by hekate.usta.de with esmtp (Exim 4.77) (envelope-from ) id 1UdlL1-0001NA-Jp; Sat, 18 May 2013 19:54:35 +0200 Received: from iris.usta.de ([172.24.96.5] helo=usta.de) by donnerwolke.usta.de with esmtp (Exim 4.72) (envelope-from ) id 1UdlL1-0003wp-IR; Sat, 18 May 2013 19:54:35 +0200 Received: from schwarze by usta.de with local (Exim 4.77) (envelope-from ) id 1UdlL1-0007Mt-Hh; Sat, 18 May 2013 19:54:35 +0200 Date: Sat, 18 May 2013 19:54:35 +0200 From: Ingo Schwarze To: tech@mdocml.bsd.lv Cc: uqs@spoerlein.net Subject: Re: [patch] avoid possible null pointer dereference Message-ID: <20130518175435.GB13985@iris.usta.de> References: <20130517013739.GZ2055@acme.spoerlein.net> X-Mailinglist: mdocml-tech Reply-To: tech@mdocml.bsd.lv MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20130517013739.GZ2055@acme.spoerlein.net> User-Agent: Mutt/1.5.21 (2010-09-15) Hi Ulrich, Ulrich Spörlein wrote on Fri, May 17, 2013 at 03:37:39AM +0200: > termp_xx_pre() will call term_word() with NULL when the switch case > falls through to the default case. Actually, that cannot happen because termp_xx_pre() will not be called for macros it is not intended to handle. Still, it's arguably a cosmetical issue. The code looks like the default case would be legitimate, which it is not. > There are several ways to avoid the segfault, not sure this is the > best one. No, it isn't, because that merely substitutes one uncontrolled failure mode by another one that's arguably even harder to debug, should it ever occur (after incorrect code changes elsewhere). Instead, i committed a change to bsd.lv and openbsd.org using abort(3). > This is Coverity Scan CID 976115. Thanks, Ingo > Index: mdoc_term.c > =================================================================== > RCS file: /usr/vhosts/mdocml.bsd.lv/cvs/mdocml/mdoc_term.c,v > retrieving revision 1.245 > diff -u -p -r1.245 mdoc_term.c > --- mdoc_term.c 17 Nov 2012 00:26:33 -0000 1.245 > +++ mdoc_term.c 17 May 2013 01:32:03 -0000 > @@ -1756,7 +1756,7 @@ termp_xx_pre(DECL_ARGS) > pp = "UNIX"; > break; > default: > - break; > + return(0); > } > > term_word(p, pp); -- To unsubscribe send an email to tech+unsubscribe@mdocml.bsd.lv