CodeSonar : pvm3.4.6 : Null Pointer Dereference

pvm3.4.6 : pvm3.4.6 analysis 2 : Null Pointer Dereference at hoster.c:399

Categories:	LANG.MEM.NPD CWE:476
Warning ID:	22039.28700
Procedure:	hoster
Trace:	view
Modified:	Thu Nov 26 11:27:29 2009 show details hide details

Priority:	None
State:	None
Finding:	None
Owner:	None
	edit properties

Legend	[ X ]
Warning Location Contributes Parse Error Other Warning Two or More Loop Iterations On Execution Path Comment Macro Preprocessor Include Keyword Preprocessed Away

Legend
Warning Location	Contributes	Parse Error
Other Warning	Two or More Loop Iterations	On Execution Path
Comment	Macro	Preprocessor
Include	Keyword	Preprocessed Away

Source | Language: C

Hide Legend

Problem	Line	Source

			/kat0/fletcher/SATE/2010/pvm3/src/hoster.c

			Enter hoster

hoster(mp)

struct pmsg *mp;

{

struct pmsg *mp2;

int num;

int i;

struct hst **hostlist;

struct hst *hp;

char *p;

* unpack the startup message

upkint(mp, &num );

if (pvmdebmask & PDMSTARTUP) {

364

pvmlogprintf("hoster() %d to start\n", num );

365

}

366

if (num > 0) {

367

hostlist = TALLOC(num, struct hst *, "hsts"); /* Integer Overflow of Allocation Size (ID: 104.28706) */

368

for (i = 0; i < num; i++) {

369

hp = TALLOC(1, struct hst, "hst");

370

hostlist[i] = hp; /* Null Pointer Dereference (ID: 103.28705) */

371

hp->h_flag = 0; /* Null Pointer Dereference (ID: 102.28704) */

372

hp->h_result = 0;

373

if (upkint(mp, &hp->h_tid )

374

|| upkstralloc(mp, &hp->h_sopts )

375

|| upkstralloc(mp, &hp->h_login )

376

|| upkstralloc(mp, &hp->h_cmd )

377

|| upkstralloc(mp, &hp->h_wincmd )

378

|| upkstralloc(mp, &hp->h_vmid )) {

379

pvmlogerror("hoster() bad message format\n");

380

pvmbailout(0);

381

}

382

/* Check for (possible) alternate WIN32 pvmd cmd */

383

if (!strcmp(hp->h_wincmd,"")) { /* Null Pointer Dereference (ID: 22042.28703) */

384

PVM_FREE(hp->h_wincmd);

385

hp->h_wincmd = 0;

386

}

387

/* Check for (optional) virtual machine ID */

388

if (!strcmp(hp->h_vmid,"")) { /* Null Pointer Dereference (ID: 22041.28702) */

389

PVM_FREE(hp->h_vmid);

390

hp->h_vmid = 0;

391

}

392

if (pvmdebmask & PDMSTARTUP) {

393

pvmlogprintf("%d. t%x %s so=\"%s\"\n", i,

hp->h_tid,

hp->h_login,

hp->h_sopts );

}

if (p = CINDEX(hp->h_login, '@')) { /* Null Pointer Dereference (ID: 22040.28701) */

true

399

hp->h_name = STRALLOC(p + 1); /* Null Pointer Dereference */

Preconditions

&$unknown_268750 >= 1
&$unknown_268752 >= 1
&$unknown_268754 >= 1
&$unknown_268756 >= 1
&$unknown_268758 >= 1
strlen(&$unknown_268762) >= 1
$heap_10759 != 64
$heap_10761 <= 0

Postconditions

errno' != 0
$heap_10756' = &$heap_10757
bytes_after(&$heap_10756)' = 4 * &$unknown_268750
$heap_10756' is allocated by malloc
$heap_10756' is allocated
bytes_before(&$heap_10756)' = 0
bytes_after(&$heap_10757)' = 36
$heap_10757' is allocated by malloc
bytes_before(&$heap_10757)' = 0
((char*)&$heap_10757)[16]' = 0
((char*)&$heap_10757)[20]' = &$heap_10760
((char*)&$heap_10757)[24]' = &$heap_10761
((char*)&$heap_10757)[28]' = 0
((char*)&$heap_10757)[32]' = 0
((char*)&$heap_10757)[8]' = &$heap_10759
((char*)&$heap_10757)[12]' = &$heap_10758
bytes_after(&$heap_10758)' = &$unknown_268752
$heap_10758' is allocated by malloc
bytes_before(&$heap_10758)' = 0
bytes_after(&$heap_10759)' = &$unknown_268754
$heap_10759' is allocated by malloc
bytes_before(&$heap_10759)' = 0
bytes_after(&$heap_10760)' = &$unknown_268756
$heap_10760' is allocated by malloc
bytes_before(&$heap_10760)' = 0
bytes_after(&$heap_10761)' = &$unknown_268758
$heap_10761' is allocated by malloc
bytes_before(&$heap_10761)' = 0
hostlist' = &$heap_10756
hp' = &$heap_10757
i' = 0
num' = &$unknown_268750
p' = &$unknown_268762

Change Warning 22039.28700 : Null Pointer Dereference

Priority:
State:
Finding:
Owner:
Note: