possible NULL dereference

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

possible NULL dereference

Alexey Vatchenko
Hi!
While hacking on HID things i found ``possible NULL dereference'' after
malloc() with M_NOWAIT. Check the diff for details.

Index: uhidev.c
===================================================================
RCS file: /cvs/src/sys/dev/usb/uhidev.c,v
retrieving revision 1.12
diff -u -u -r1.12 uhidev.c
--- uhidev.c    6 Jan 2006 03:36:32 -0000       1.12
+++ uhidev.c    22 Aug 2006 21:04:59 -0000
@@ -215,11 +215,11 @@
         nrepid++;
         sc->sc_subdevs = malloc(nrepid * sizeof(device_ptr_t),
                                 M_USBDEV, M_NOWAIT);
-       bzero(sc->sc_subdevs, nrepid * sizeof(device_ptr_t));
         if (sc->sc_subdevs == NULL) {
                 printf("%s: no memory\n", USBDEVNAME(sc->sc_dev));
                 USB_ATTACH_ERROR_RETURN;
         }
+       bzero(sc->sc_subdevs, nrepid * sizeof(device_ptr_t));
         sc->sc_nrepid = nrepid;
         sc->sc_isize = 0;

--
Alexey V. Vatchenko
http://psytech.h10.ru -> http://www.bsdua.org
JID: [hidden email]
ICQ: 162799204