Re: options MODULAR improvements phase 1.0

To: tech-kern%netbsd.org@localhost
Subject: Re: options MODULAR improvements phase 1.0
From: Matthew Mondor <mm_lists%pulsar-zone.net@localhost>
Date: Wed, 3 Jun 2009 18:18:09 -0400

On Tue, 2 Jun 2009 18:48:53 -0700
jnemeth%victoria.tc.ca@localhost (John Nemeth) wrote:

> diff [...]

It's possible that I misinterpreted the code, but by a quick look I
think I've seen the following issue:

It's possible in module_load_plist_file() for a failure in vn_stat() or
vn_open() to set error and jump to out1, which might set *basep to NULL
(base before kmem_zalloc()) or for a failure of vn_rdrw() to cause the
buffer to be kmem_free()ed and base set again to NULL (and returned in
*basep);  However, the caller (I can't see its function name by the
diff) seems to explicitely still kmem_free(plist) in case of error
without a NULL check, and kmem_free(9) suggests freeing NULL is
illegal...

Thanks,
-- 
Matt

Follow-Ups:
- Re: options MODULAR improvements phase 1.0
  - From: John Nemeth

References:
- options MODULAR improvements phase 1.0
  - From: John Nemeth

Prev by Date: [PATCH] pcictl: simplify its usage
Next by Date: Re: options MODULAR improvements phase 1.0
Previous by Thread: options MODULAR improvements phase 1.0
Next by Thread: Re: options MODULAR improvements phase 1.0
Indexes:

Home | Main Index | Thread Index | Old Index