Please review RTEMS JFFS2 Adapter Issue
Joel Sherrill
joel.sherrill at oarcorp.com
Tue Nov 25 19:30:41 UTC 2014
Hi
Coverity Id 1255348 in fs-rtems.c can't be ignored on the grounds
the JFFS2 project will see it.
this->i_cache_prev->i_cache_next = this->i_cache_next;
84 jffs2_clear_inode(this);
85 memset(this, 0x5a, sizeof(*this));
15. freed_arg: free frees this. [Note: The source code implementation of
the function has been overridden by a builtin model.]
86 free(this);
6. Condition parent, taking true branch
7. Condition parent != this, taking true branch
16. Condition parent, taking true branch
17. Condition parent != this, taking true branch
87 if (parent && parent != this) {
88 parent->i_count--;
8. alias: Assigning: this = root_i. Now both point to the same storage.
CID 1255348 (#1-2 of 2): Use after free
(USE_AFTER_FREE)18. use_after_free: Using freed pointer root_i.
89 this = root_i;
9. Jumping to label restart
90 goto restart;
91 }
--
Joel Sherrill, Ph.D. Director of Research & Development
joel.sherrill at OARcorp.com On-Line Applications Research
Ask me about RTEMS: a free RTOS Huntsville AL 35805
Support Available (256) 722-9985
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rtems.org/pipermail/devel/attachments/20141125/2d04deec/attachment-0001.html>
More information about the devel
mailing list