EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System


Subject: [Bug 1862916] Re: Possible null pointer dereferencing in modules/ca/src/client/udpiiu.cpp
From: mdavidsaver via Core-talk <core-talk at aps.anl.gov>
To: core-talk at aps.anl.gov
Date: Wed, 12 Feb 2020 10:31:35 -0000

I find only two places where pushDatagramMsg() is called.  One with
pExt!=NULL, and the other with pExt==NULL && extsize==0.  So this won't
currently trigger an issue.  I see no harm in adding a NULL test for
pExt, or an assert() that pExt==NULL requires extsize==0.

-- 
You received this bug notification because you are a member of EPICS
Core Developers, which is subscribed to EPICS Base.
Matching subscriptions: epics-core-list-subscription
https://bugs.launchpad.net/bugs/1862916

Title:
  Possible null pointer dereferencing in
  modules/ca/src/client/udpiiu.cpp

Status in EPICS Base:
  New

Bug description:
  Codacy reports an Error level issue on a possible null pointer
  dereferencing in modules/ca/src/client/udpiiu.cpp line 950.

  If the function bool udpiiu::pushDatagramMsg ( epicsGuard < epicsMutex > & guard, const caHdr & msg, const void * pExt, ca_uint16_t extsize ) is called with the following parameters:
  1) pExt == null
  2) extsize > 0

  This will cause the memcpy to read extsize bytes from null, presumably
  crashing the code.

To manage notifications about this bug go to:
https://bugs.launchpad.net/epics-base/+bug/1862916/+subscriptions
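
The precondition discussed in this thread (pExt==NULL is only acceptable with extsize==0), written out as an added example; it is not EPICS Base code and not from either poster. `DatagramBuf`, `Hdr`, `PushResult` and `pushMsg` are hypothetical stand-ins, and the 1024-byte buffer is an assumed size. The sketch also skips the payload memcpy when extsize is zero, because passing a null source to memcpy is undefined behaviour even for a zero length.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Hypothetical stand-ins, not the EPICS types.
struct Hdr { std::uint16_t cmd; std::uint16_t postsize; };
struct DatagramBuf {
    unsigned char data[1024];   // assumed size for the example
    std::size_t used = 0;
};
enum class PushResult { Ok, NoRoom, BadExtension };

// Append a header and an optional extension payload to the buffer.
PushResult pushMsg(DatagramBuf &buf, const Hdr &hdr,
                   const void *pExt, std::uint16_t extsize)
{
    // The contract from the thread: a null extension must have size 0.
    // Reject the inconsistent pair before any byte is written.
    if (pExt == nullptr && extsize != 0)
        return PushResult::BadExtension;

    const std::size_t need = sizeof(Hdr) + extsize;
    if (need > sizeof(buf.data) - buf.used)
        return PushResult::NoRoom;

    std::memcpy(buf.data + buf.used, &hdr, sizeof(Hdr));
    // Only touch pExt when there is something to copy: memcpy with a
    // null source is undefined even when the length is zero.
    if (extsize != 0)
        std::memcpy(buf.data + buf.used + sizeof(Hdr), pExt, extsize);
    buf.used += need;
    return PushResult::Ok;
}

int main()
{
    DatagramBuf buf;
    const Hdr hdr{1, 0};
    const char payload[8] = "abcdefg";   // constructed sample payload
    std::printf("null ext, size 0: %d\n",
                static_cast<int>(pushMsg(buf, hdr, nullptr, 0)));
    std::printf("null ext, size 8: %d\n",
                static_cast<int>(pushMsg(buf, hdr, nullptr, 8)));
    std::printf("real ext, size 8: %d\n",
                static_cast<int>(pushMsg(buf, hdr, payload, 8)));
    return 0;
}
```

Returning an error keeps the check active in release builds; an assert() on the same condition, the other option raised in the thread, is compiled out when NDEBUG is defined.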

References:
[Bug 1862916] [NEW] Possible null pointer dereferencing in modules/ca/src/client/udpiiu.cpp Karl Vestin via Core-talk

ANJ, 13 Feb 2020