use after free bugs
Julian Elischer
julian at elischer.org
Sat Aug 21 00:28:55 PDT 2004
Ted Unangst wrote:
> these are results from running Coverity's analysis over Freebsd 4.10
> kernel.
> two improper loops:
> if_ef.c:566 and atapi-all.c
>
> ng_socket.c: possible double free of resp 815 and 870, depending on
> caller context. is this possible?
>
I'm not seeing it..
Can you show the lines in the version that is being examined?
(So I can be sure I'm looking at the right code)
(and how do I interpret the above report? 815 and 870 are freeing different
things.)
> if_bfe.c: double call to bfe_release_resources will free lots of stuff
> twice on failure.
>
> aha_isa.c: aha_isa_attach: aha_free free "aha", can't use it
> afterwards, lots of examples.
>
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
More information about the freebsd-hackers
mailing list