From bb01879ebe5ba5d8e2c2177d3b1ce0272c17ce07 Mon Sep 17 00:00:00 2001 From: Brian Behlendorf Date: Tue, 17 Feb 2009 16:41:08 -0800 Subject: [PATCH] Coverity 9654, 9654: Use After Free Because vmem_free() was implemented as a macro using the ',' operator to evaluate both arguments and we performed the free before evaluating size we would deference the free'd pointer. To resolve the problem we just invert the ordering and evaluate size first just as if it was evaluated by the caller when being passed to this function. This ensure that if the caller is doing something reckless like performing an assignment as part of the size argument we still perform it and it simply doesn't get removed by the macro. Oh course nobody should be doing this sort of thing, but just in case. --- include/sys/kmem.h | 2 +- libtool | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/sys/kmem.h b/include/sys/kmem.h index cad652c..278039e 100644 --- a/include/sys/kmem.h +++ b/include/sys/kmem.h @@ -147,7 +147,7 @@ extern void vmem_free_debug(void *ptr, size_t size); memset(_ptr_, 0, (size)); \ _ptr_; \ }) -# define vmem_free(ptr, size) (vfree(ptr), (void)(size)) +# define vmem_free(ptr, size) ((void)(size), vfree(ptr)) #endif /* DEBUG_KMEM */ diff --git a/libtool b/libtool index ccefb32..aeb8ab7 100755 --- a/libtool +++ b/libtool @@ -331,7 +331,7 @@ link_all_deplibs=unknown sys_lib_search_path_spec=`echo "/lib64 /usr/lib64 /usr/local/lib64" | $SED -e "s@${gcc_dir}@\${gcc_dir}@g;s@${gcc_ver}@\${gcc_ver}@g"` # Run-time system search path for libraries -sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /usr/lib64/R/lib /usr/lib64/atlas /usr/lib64/ldapotp /usr/lib64/openmpi/1.2.6-gcc /usr/lib64/mvapich/0.9.9-1760.19chaos/gnu/gen2/lib/shared /usr/lib64/mysql /usr/lib64/octave-3.0.1 /usr/lib64/qt-3.3/lib " +sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /usr/nvidia/lib /usr/nvidia/lib64 /usr/lib64/R/lib /usr/lib64/atlas /usr/lib64/ldapotp /usr/lib64/openmpi/1.2.6-gcc /usr/lib64/mvapich/0.9.9-1760.19chaos/gnu/gen2/lib/shared /usr/lib64/mysql /usr/lib64/octave-3.0.1 /usr/lib64/qt-3.3/lib " # Fix the shell variable $srcfile for the compiler. fix_srcfile_path="" @@ -7550,7 +7550,7 @@ link_all_deplibs=unknown sys_lib_search_path_spec=`echo "/lib64 /usr/lib64 /usr/local/lib64" | $SED -e "s@${gcc_dir}@\${gcc_dir}@g;s@${gcc_ver}@\${gcc_ver}@g"` # Run-time system search path for libraries -sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /usr/lib64/R/lib /usr/lib64/atlas /usr/lib64/ldapotp /usr/lib64/openmpi/1.2.6-gcc /usr/lib64/mvapich/0.9.9-1760.19chaos/gnu/gen2/lib/shared /usr/lib64/mysql /usr/lib64/octave-3.0.1 /usr/lib64/qt-3.3/lib " +sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /usr/nvidia/lib /usr/nvidia/lib64 /usr/lib64/R/lib /usr/lib64/atlas /usr/lib64/ldapotp /usr/lib64/openmpi/1.2.6-gcc /usr/lib64/mvapich/0.9.9-1760.19chaos/gnu/gen2/lib/shared /usr/lib64/mysql /usr/lib64/octave-3.0.1 /usr/lib64/qt-3.3/lib " # Fix the shell variable $srcfile for the compiler. fix_srcfile_path="" @@ -7861,7 +7861,7 @@ link_all_deplibs=unknown sys_lib_search_path_spec=`echo "/lib64 /usr/lib64 /usr/local/lib64" | $SED -e "s@${gcc_dir}@\${gcc_dir}@g;s@${gcc_ver}@\${gcc_ver}@g"` # Run-time system search path for libraries -sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /usr/lib64/R/lib /usr/lib64/atlas /usr/lib64/ldapotp /usr/lib64/openmpi/1.2.6-gcc /usr/lib64/mvapich/0.9.9-1760.19chaos/gnu/gen2/lib/shared /usr/lib64/mysql /usr/lib64/octave-3.0.1 /usr/lib64/qt-3.3/lib " +sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /usr/nvidia/lib /usr/nvidia/lib64 /usr/lib64/R/lib /usr/lib64/atlas /usr/lib64/ldapotp /usr/lib64/openmpi/1.2.6-gcc /usr/lib64/mvapich/0.9.9-1760.19chaos/gnu/gen2/lib/shared /usr/lib64/mysql /usr/lib64/octave-3.0.1 /usr/lib64/qt-3.3/lib " # Fix the shell variable $srcfile for the compiler. fix_srcfile_path="" -- 2.40.0