[OpenWrt-Devel] [PATCH v2 libubox 10/10] avl: guard against theoretical null pointer dereference

Petr Štetiar ynezz at true.cz
Wed Nov 20 16:43:53 EST 2019


clang-10 analyzer reports following:

 avl.c:671:25: warning: Access to field 'parent' results in a dereference of a null pointer (loaded from field 'right')
     node->right->parent = parent;
           ~~~~~         ^

Which seems to be impossible to trigger via exported AVL public API, but
it could be probably trigerred by fiddling with the AVL tree node struct
members manually as they are exposed.

Signed-off-by: Petr Štetiar <ynezz at true.cz>
---
 avl.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/avl.c b/avl.c
index 8d0bf65aaa5b..79ea5c798b64 100644
--- a/avl.c
+++ b/avl.c
@@ -45,6 +45,7 @@
 #include <string.h>
 
 #include "avl.h"
+#include "assert.h"
 #include "list.h"
 
 /**
@@ -668,6 +669,7 @@ avl_delete_worker(struct avl_tree *tree, struct avl_node *node)
       return;
     }
 
+    assert(node->right);
     node->right->parent = parent;
 
     if (parent->left == node)

_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list