CodeSonar : Pvm : Null Pointer Dereference

Pvm : Pvm analysis 1 : Null Pointer Dereference at host.c:1108

Categories:	LANG.MEM.NPD CWE:476
Warning ID:	2519.2550
Procedure:	acav
Trace:	View
Modified:	Wed Sep 2 12:40:08 2009 show details hide details

Priority:	None
State:	None
Finding:	None
Owner:	None
	edit properties

Legend	[ X ]
Warning Location Contributes Parse Error Other Warning Two or More Loop Iterations On Execution Path Comment Macro Preprocessor Include Keyword Preprocessed Away

Legend
Warning Location	Contributes	Parse Error
Other Warning	Two or More Loop Iterations	On Execution Path
Comment	Macro	Preprocessor
Include	Keyword	Preprocessed Away

Source | Language: C

Hide Legend

Problem	Line	Source

			/u1/paul/SATE/2010/c/pvm/pvm3/src/ddpro.c

			Enter addhosts

840

addhosts(mp, rmp)

841

struct pmsg *mp; /* the request message */

842

struct pmsg *rmp; /* reply message blank */

843

{

844

struct hostd *hp, *hp2;

845

struct pmsg *mp2;

846

struct waitc *wp = 0;

847

struct waitc_add *wxp = 0;

int i, j;

int count;

int ngood;

int ntid;

struct hostent *he;

int maxhostid = (tidhmask >> ffs(tidhmask) - 1);

int hh;

int pid;

int *tids;

char *winpvmdpath;

char *pvmdpath;

char *vmid;

char *buf;

int len;

* have to lock this for 2 reasons:

865

* 1. system can't handle overlapping host table updates,

866

* 2. the new host tids aren't reserved

if (busyadding) {

pvmlogerror("addhosts() already adding new hosts\n");

871

872

pkint(rmp, PvmAlready );

sendmessage(rmp );

return 0;

}

busyadding = 1;

/* sanity check count */

880

881

if (upkint(mp, &count ) || count < 1 || count > maxhostid) {

882

pvmlogerror("addhosts() bad msg format\n");

goto bad;

}

* make wait context, extract host list from message,

888

889

890

wp = wait_new (WT_HOSTSTART );

891

wp->wa_tid = mp->m_src;

892

wp->wa_dep = mp->m_wid;

893

wxp = TALLOC(1, struct waitc_add, "waix");

894

wxp->w_num = count; /* Null Pointer Dereference (ID: 2522.2553) */

895

wxp->w_hosts = TALLOC(count, struct hostd *, "waiv");

896

BZERO((char*)wxp->w_hosts, count * sizeof(struct hostd *)); /* Null Pointer Dereference (ID: 2521.2552) */

897

wp->wa_spec = (void *)wxp;

898

899

for (i = 0; i < count; i++) {

900

hp = hd_new (0);

901

wxp->w_hosts[i] = hp;

true

902

if (upkstralloc(mp, &buf )) {

	903		pvmlogerror("addhosts() bad msg format\n");
	904		goto bad;
	905		}

buf <= 4095

906

if (parsehost(buf, hp )) {

					/u1/paul/SATE/2010/c/pvm/pvm3/src/host.c

					Enter addhosts / parsehost

parsehost(buf, hp)

char *buf;

struct hostd *hp;

{

char *av[10]; /* parsed words */

int ac;

int err = 0;

ac = sizeof(av)/sizeof(av[0]);

buf <= 4095

735

if (acav(buf, &ac, av )) {

							Enter addhosts / parsehost / acav

$param_1 <= 4095

1096

acav(s, acp, av)

1097

char *s; /* the string to parse */

1098

int *acp; /* max words in, ac out */

1099

char **av; /* pointers to args */

{

/* separate out words of command */

ac = 0;

while (*p) { /* Null Pointer Dereference */

							Exit addhosts / parsehost / acav

					Exit addhosts / parsehost

907

hp->hd_err = PvmBadParam; /* Null Pointer Dereference (ID: 2518.2549) */

} else {

/* Set unspecified fields from hostfile if available */

912

913

if (filehosts &&

914

((hp2 = nametohost (filehosts, hp->hd_name ))

915

|| (hp2 = filehosts->ht_hosts[0])))

916

applydefaults(hp, hp2 );

917

}

918

PVM_FREE(buf);

Preconditions

&$unknown_329382 >= 3
busyadding = 0

Postconditions

waitlist->wa_link->wa_rlink' = &$heap_21511
waitlist->wa_link->wa_rlink->wa_link' = &$heap_21511
ac' = 10
ac' = 0
acp' = &ac
av' = &av[0]
buf' = 0
buf' = 0
busyadding' = 1
count' = &$unknown_329382
err' = 0
$heap_21511' = waitlist->wa_link
bytes_after(&$heap_21511)' = 80
$heap_21511' is allocated by malloc
$heap_21511' is allocated
bytes_before(&$heap_21511)' = 0
((char*)&$heap_21511)[20]' = 3
((char*)&$heap_21511)[24]' = 0
((char*)&$heap_21511)[56]' = 0
((char*)&$heap_21511)[64]' = 0
((char*)&$heap_21511)[72]' = &$heap_21512
((char*)&$heap_21511)[8]' = waitlist->wa_link->wa_rlink
$heap_21512' = &$unknown_329382
bytes_after(&$heap_21512)' = 16
$heap_21512' is allocated by malloc
$heap_21512' is allocated
bytes_before(&$heap_21512)' = 0
((char*)&$heap_21512)[8]' = &$heap_21513
$heap_21513' = 0
bytes_after(&$heap_21513)' = 8 * &$unknown_329382
$heap_21513' is allocated by malloc
$heap_21513' is allocated
bytes_before(&$heap_21513)' = 0
strlen(&$heap_21513)' = 0
$heap_21515' = 1
bytes_after(&$heap_21515)' = 200
$heap_21515' is allocated by malloc
bytes_before(&$heap_21515)' = 0
strlen(&$heap_21515)' = 0
((char*)&$heap_21515)[136]' = &$heap_21518
((char*)&$heap_21515)[152]' = 1
((char*)&$heap_21515)[168]' = 1000
((char*)&$heap_21515)[176]' = 0
((char*)&$heap_21515)[88]' = 2
((char*)&$heap_21515)[104]' = 1
((char*)&$heap_21515)[108]' = 1
((char*)&$heap_21515)[112]' = &$heap_21516
((char*)&$heap_21515)[120]' = &$heap_21517
bytes_after(&$heap_21516)' = 184
$heap_21516' is allocated by malloc
$heap_21516' is allocated
bytes_before(&$heap_21516)' = 0
((char*)&$heap_21516)[16]' = 0
((char*)&$heap_21516)[176]' = 0
((char*)&$heap_21516)[24]' = 0
((char*)&$heap_21516)[32]' = 0
((char*)&$heap_21516)[40]' = 0
bytes_after(&$heap_21517)' = 184
$heap_21517' is allocated by malloc
$heap_21517' is allocated
bytes_before(&$heap_21517)' = 0
((char*)&$heap_21517)[16]' = 0
((char*)&$heap_21517)[176]' = 0
((char*)&$heap_21517)[24]' = 0
((char*)&$heap_21517)[32]' = 0
((char*)&$heap_21517)[40]' = 0
bytes_after(&$heap_21518)' = 184
$heap_21518' is allocated by malloc
$heap_21518' is allocated
bytes_before(&$heap_21518)' = 0
((char*)&$heap_21518)[16]' = 0
((char*)&$heap_21518)[176]' = 0
((char*)&$heap_21518)[24]' = 0
((char*)&$heap_21518)[32]' = 0
((char*)&$heap_21518)[40]' = 0
hp' = &$heap_21515
hp' = &$heap_21515
maxhostid' >= 3
maxhostid' >= &$unknown_329382
mp' = $param_1
n' = 10
p' = 0
rmp' = $param_2
s' = 0
wp' = &$heap_21511
wxp' = &$heap_21512

Change Warning 2519.2550 : Null Pointer Dereference

Priority:
State:
Finding:
Owner:
Note: