From: Paul Eggert <eggert@cs.ucla.edu>
To: Darren Kenny <darren.kenny@oracle.com>
Cc: bug-gnulib@gnu.org
Subject: Re: [PATCH 1/3] lib/regexec: Fix possible null-dereference
Date: Wed, 11 Aug 2021 00:28:26 -0700
Message-ID: <bc9d25c9-c4b9-d22d-5f9e-be17e9d5dc0a@cs.ucla.edu>
In-Reply-To: <96f2ea78b6ce05f20d2c38fee43ffe87c3ca2664.1624030621.git.darren.kenny@oracle.com>
[-- Attachment #1: Type: text/plain, Size: 461 bytes --]
On 6/18/21 8:44 AM, Darren Kenny wrote:
> It appears to be possible that the mctx->state_log field may be NULL

How so? I don't see the execution path that would do that.

If you can see how it could happen, please let us know. Otherwise, does
the attached patch pacify Coverity, and if not why not?

The DEBUG_ASSERT stuff does pacify GCC, as it tells GCC things that GCC
isn't smart enough to figure out on its own. I hope Coverity can use
similar advice.

[-- Attachment #2: coverity.diff --]
[-- Type: text/x-patch, Size: 452 bytes --]
diff --git a/lib/regexec.c b/lib/regexec.c
index 5e4eb497a..f25e00d83 100644
--- a/lib/regexec.c
+++ b/lib/regexec.c
@@ -1674,6 +1674,8 @@ build_sifted_states (const re_match_context_t *mctx, re_sift_context_t *sctx,
static reg_errcode_t
clean_state_log_if_needed (re_match_context_t *mctx, Idx next_state_log_idx)
{
+ DEBUG_ASSERT (mctx->state_log != NULL);
+
Idx top = mctx->state_log_top;
if ((next_state_log_idx >= mctx->input.bufs_len
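
Review bot: the DEBUG_ASSERT (mctx->state_log != NULL) added at the top of clean_state_log_if_needed asserts the invariant without recording why it holds, and the accompanying message itself says the execution path to a NULL state_log is not evident. A short comment above the assertion naming what guarantees state_log is allocated before this function is reached would let a reader, or a later static-analysis triage, confirm the claim instead of trusting it. If DEBUG_ASSERT acts only as a hint to the compiler in non-debug builds, as the message describes for GCC, a wrong assumption here would not be caught at run time, so the guarantee is worth stating explicitly.
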
Thread overview: 16+ messages
2021-06-18 15:44 [PATCH 0/3] Some Coverity fixes from GRUB Darren Kenny
2021-06-18 15:44 ` [PATCH 1/3] lib/regexec: Fix possible null-dereference Darren Kenny
2021-08-11 7:28 ` Paul Eggert [this message]
2021-08-23 10:05 ` Darren Kenny
2021-08-23 20:09 ` Paul Eggert
2021-08-24 15:11 ` Darren Kenny
2021-08-24 18:52 ` Paul Eggert
2021-06-18 15:44 ` [PATCH 2/3] lib/argp-help: Fix possible dereference of a NULL state Darren Kenny
2021-06-18 17:36 ` Bruno Haible
2021-06-21 9:32 ` Darren Kenny
2021-06-18 15:44 ` [PATCH 3/3] lib/regexec: Resolve unused variable Darren Kenny
2021-08-11 7:24 ` Paul Eggert
2021-08-23 10:38 ` Darren Kenny
2021-08-23 13:00 ` Bruno Haible
2021-08-23 21:04 ` Paul Eggert
2021-08-06 14:29 ` [PATCH 0/3] Some Coverity fixes from GRUB Darren Kenny