CodeSonar : Pvm : Null Pointer Dereference

Pvm : Pvm analysis 1 : Null Pointer Dereference at host.c:889

Categories:	LANG.MEM.NPD CWE:476
Warning ID:	2611.2645
Procedure:	readhostfile
Trace:	View
Modified:	Wed Sep 2 12:42:14 2009 show details hide details

Priority:	None
State:	None
Finding:	None
Owner:	None
	edit properties

Legend	[ X ]
Warning Location Contributes Parse Error Other Warning Two or More Loop Iterations On Execution Path Comment Macro Preprocessor Include Keyword Preprocessed Away

Legend
Warning Location	Contributes	Parse Error
Other Warning	Two or More Loop Iterations	On Execution Path
Comment	Macro	Preprocessor
Include	Keyword	Preprocessed Away

Source | Language: C

Hide Legend

Problem	Line	Source

			/u1/paul/SATE/2010/c/pvm/pvm3/src/host.c

			Enter readhostfile

	820		struct htab *
	821		readhostfile(fn)
	822		char *fn;
	823		{
	824		struct htab *htp;
	825		struct hostd *hp;
	826		FILE *ff = 0;
	827		char buf[512]; /* line buffer */
	828		int lnum = 0; /* line counter */
	829		int err = 0; /* error count */
	830		struct hostent *he;
	831		char *p;
	832		struct in_addr *my_in_addrs;
	833		int num_addrs;
	834		int i;
	835		int maxhostid = tidhmask >> (ffs(tidhmask) - 1);
	836		struct hostd *defaults = 0;
	837
	838		htp = ht_new (1); /* Leak (ID: 2607.2641) */
	839
	840		/*
	841		* get list of this host's interfaces so we can detect ourself in file
	842		*/
	843
	844		if (iflist(&my_in_addrs, &num_addrs ) == -1 \|\| num_addrs < 1) {
	845		pvmlogprintf("readhostfile() iflist failed\n");
	846		goto bail;
	847		}
	848
	849		if (!(ff = fopen(fn, "r"))) {
	850		pvmlogprintf("readhostfile() %s: can't read\n", fn );
	851		goto bail;
	852		}
	853
	854		/* parse each line of host file */
	855
	856		while (fgets(buf, sizeof(buf), ff)) {
	857		lnum++;
	858		for (p = buf; p && isspace(p); p++); /* Negative Character Value (ID: 2410.2425) */
	859
	860		if (!p \|\| p == '#') /* leading '#' is comment */
	861		continue;
	862
	863		if (lnum > maxhostid) {
	864		pvmlogprintf("readhostfile() %s: too many lines\n", fn );
	865		err++;
	866		break;
	867		}

hp = hd_new (lnum );

while (*p == '&' || *p == '$') {

871

if (*p == '&') /* leading '&' is no-start */

872

hp->hd_flag |= HF_NOSTART; /* Null Pointer Dereference (ID: 2614.2648) */

873

if (*p == '$') /* leading '$' allows overloading host */

874

hp->hd_flag |= HF_OVERLOAD; /* Null Pointer Dereference (ID: 2612.2646) */

p++;

}

if (parsehost(p, hp )) {

879

pvmlogprintf("readhostfile() %s %d: errors\n", fn, lnum );

err++;

goto badline;

}

* if host == "*", change the default options

886

* instead of adding a new host to the list

if (!strcmp(hp->hd_name, "*")) { /* Null Pointer Dereference */

Preconditions

&$unknown_773872 >= 1
&$unknown_773873 != 0
&$unknown_773873 != 35
&$unknown_773873 != 36
&$unknown_773873 != 38
&$unknown_773874 >= 1
&$unknown_773875 = 0
$input_500 <= 511
$input_500 >= 1
$input_508 = &$unknown_773873

Postconditions

defaults' = 0
err' = 0
ff' = &$heap_42549
fn' = $param_1
$heap_42546' = 0
bytes_after(&$heap_42546)' = 16
$heap_42546' is allocated by malloc
$heap_42546' is allocated
bytes_before(&$heap_42546)' = 0
strlen(&$heap_42546)' = 0
$heap_42547' = 0
bytes_after(&$heap_42547)' = 40
$heap_42547' is allocated by malloc
$heap_42547' is allocated
bytes_before(&$heap_42547)' = 0
strlen(&$heap_42547)' = 0
((char*)&$heap_42547)[32]' = &$heap_42546
((char*)&$heap_42547)[4]' = 1
$heap_42548' is allocated by open
$heap_42548' is allocated
((char*)&$heap_42548)[-4096]' is open
$heap_42549' = &$heap_42548 - 4096
bytes_after(&$heap_42549)' = 1028
$heap_42549' is allocated by fopen
$heap_42549' is allocated
$heap_42549' is open
bytes_before(&$heap_42549)' = 0
hp' = 0
htp' = &$heap_42547
lnum' = 1
maxhostid' = &$unknown_773874
num_addrs' = &$unknown_773872
p' = &buf[0]

Change Warning 2611.2645 : Null Pointer Dereference

Priority:
State:
Finding:
Owner:
Note: