ryantimwilson / rpms / systemd

Forked from rpms/systemd a month ago
Clone
65878a
From 44d380fa1042c56eee959c8cf8477aa62b8d8a0e Mon Sep 17 00:00:00 2001
65878a
From: Stefan Beller <stefanbeller@googlemail.com>
65878a
Date: Mon, 30 Dec 2013 17:43:52 +0100
65878a
Subject: [PATCH] sleep-config: Dereference pointer before check for NULL
65878a
65878a
This fixes a bug pointed out by http://css.csail.mit.edu/stack/
65878a
(Optimization-unstable code)
65878a
It is a similar fix as f146f5e159 (2013-12-30, core:
65878a
Forgot to dereference pointer when checking for NULL)
65878a
65878a
To explain this bug consider the following similar, but simpler code:
65878a
	if (!p)
65878a
		free(*p)
65878a
65878a
Assume the if condition evaluates to true, then we will access *p,
65878a
which means the compiler can assume p is a valid pointer, so it could
65878a
dereference p and use the value *p.
65878a
Assuming p as a valid pointer, !p will be false.
65878a
But initally we assumed the condition evaluates to true.
65878a
65878a
By this reasoning the optimizing compiler can deduce, we have dead code.
65878a
("The if will never be taken, as *p must be valid, because otherwise
65878a
accessing *p inside the if would segfault")
65878a
65878a
This led to an error message of the static code checker, so I checked the
65878a
code in question.
65878a
65878a
As we access *modes and *states before the check in the changed line of
65878a
this patch, I assume the line to be wrong and we actually wanted to check
65878a
for *modes and *states being both non null.
65878a
---
65878a
 src/shared/sleep-config.c | 2 +-
65878a
 1 file changed, 1 insertion(+), 1 deletion(-)
65878a
65878a
diff --git a/src/shared/sleep-config.c b/src/shared/sleep-config.c
65878a
index d76e3ad..b2a0787 100644
65878a
--- a/src/shared/sleep-config.c
65878a
+++ b/src/shared/sleep-config.c
65878a
@@ -94,7 +94,7 @@ int parse_sleep_config(const char *verb, char ***modes, char ***states) {
65878a
         } else
65878a
                 assert_not_reached("what verb");
65878a
 
65878a
-        if (!modes || !states) {
65878a
+        if (!*modes || !*states) {
65878a
                 strv_free(*modes);
65878a
                 strv_free(*states);
65878a
                 return log_oom();