[CRIU] [PATCHv2] x86/crtools: Fix null pointer dereference
Radostin Stoyanov
rstoyanov1 at gmail.com
Thu May 2 12:36:40 MSK 2019
Dereferencing a null pointer is undefined behavior.
ISO/IEC 9899, clause 6.5.3.2, paragraph 4
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf
v2: declare x with always unused attribute. (thanks Cyrill Gorcunov)
Signed-off-by: Radostin Stoyanov <rstoyanov1 at gmail.com>
---
criu/arch/x86/crtools.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/criu/arch/x86/crtools.c b/criu/arch/x86/crtools.c
index ee016da00..865efc513 100644
--- a/criu/arch/x86/crtools.c
+++ b/criu/arch/x86/crtools.c
@@ -288,21 +288,21 @@ void arch_free_thread_info(CoreEntry *core)
static bool valid_xsave_frame(CoreEntry *core)
{
UserX86XsaveEntry *xsave = core->thread_info->fpregs->xsave;
- struct xsave_struct *x = NULL;
+ struct xsave_struct __always_unused x;
- if (core->thread_info->fpregs->n_st_space < ARRAY_SIZE(x->i387.st_space)) {
+ if (core->thread_info->fpregs->n_st_space < ARRAY_SIZE(x.i387.st_space)) {
pr_err("Corruption in FPU st_space area "
"(got %li but %li expected)\n",
(long)core->thread_info->fpregs->n_st_space,
- (long)ARRAY_SIZE(x->i387.st_space));
+ (long)ARRAY_SIZE(x.i387.st_space));
return false;
}
- if (core->thread_info->fpregs->n_xmm_space < ARRAY_SIZE(x->i387.xmm_space)) {
+ if (core->thread_info->fpregs->n_xmm_space < ARRAY_SIZE(x.i387.xmm_space)) {
pr_err("Corruption in FPU xmm_space area "
"(got %li but %li expected)\n",
(long)core->thread_info->fpregs->n_st_space,
- (long)ARRAY_SIZE(x->i387.xmm_space));
+ (long)ARRAY_SIZE(x.i387.xmm_space));
return false;
}
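Review bot: The xmm_space error message in the second branch prints the wrong field: the context line `(long)core->thread_info->fpregs->n_st_space,` feeds the "got %li" slot of the "Corruption in FPU xmm_space area" message, so a corrupted image is reported with the st_space count rather than the value that actually failed the check; it should read `(long)core->thread_info->fpregs->n_xmm_space,`. The commit only swaps `x->` for `x.` on the neighbouring lines and leaves this copy-paste slip in place, which matters because this diagnostic is the only record of why a restore was refused. On the change itself, `x` now appears solely inside ARRAY_SIZE, i.e. under sizeof, so it is never evaluated and the `__always_unused` attribute is the right annotation; if `struct xsave_struct` is large, it may be worth confirming the compiler does not reserve frame space for it. The body of valid_xsave_frame continues past the end of the hunk.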
--
2.20.1