This is a low severity error, since there's a null pointer dereference only in case kzalloc fails to allocate memory. (1) line 762: !bep is true => bep is null (2) goto bl_fail (3) line 781: calling auerbuf_free(bep) with bep null, but such function does not handle a null argument: /* free a single auerbuf */ static void auerbuf_free (pauerbuf_t bp) { kfree(bp->bufp); ...
Reply-To: akpm@linux-foundation.org On Mon, 17 Dec 2007 22:27:07 -0800 (PST) bugme-daemon@bugzilla.kernel.org wrote: > http://bugzilla.kernel.org/show_bug.cgi?id=9596 > > Summary: NULL pointer dereference on drivers/usb/misc/auerswald.c > Product: Drivers > Version: 2.5 > KernelVersion: 2.6.23 > Platform: All > OS/Version: Linux > Tree: Mainline > Status: NEW > Severity: low > Priority: P1 > Component: USB > AssignedTo: greg@kroah.com > ReportedBy: marciobuss@gmail.com > > > This is a low severity error, since there's a null pointer dereference > only in case kzalloc fails to allocate memory. > > (1) line 762: !bep is true => bep is null > (2) goto bl_fail > (3) line 781: calling auerbuf_free(bep) with bep null, but such function > does not handle a null argument: > > /* free a single auerbuf */ > static void auerbuf_free (pauerbuf_t bp) > { > kfree(bp->bufp); > ... > > > -- > Configure bugmail: http://bugzilla.kernel.org/userprefs.cgi?tab=email > ------- You are receiving this mail because: ------- > You are on the CC list for the bug, or are watching someone who is.