On Fri, Feb 18, 2011 at 03:44 +0000, Jacob Meuser wrote: > at line 190, if nports == 0, 'hub' will be NULL at line 334, and > 'if (hub->ports)' will be a NULL dereference. > > found by Amit Kulkarni using clang. >
makes perfect sense. ok mikeb > -- > jake...@sdf.lonestar.org > SDF Public Access UNIX System - http://sdf.lonestar.org > > Index: uhub.c > =================================================================== > RCS file: /cvs/src/sys/dev/usb/uhub.c,v > retrieving revision 1.57 > diff -u -p uhub.c > --- uhub.c 25 Jan 2011 20:03:36 -0000 1.57 > +++ uhub.c 18 Feb 2011 03:33:57 -0000 > @@ -331,10 +331,11 @@ uhub_attach(struct device *parent, struct device *self > bad: > if (sc->sc_statusbuf) > free(sc->sc_statusbuf, M_USBDEV); > - if (hub->ports) > - free(hub->ports, M_USBDEV); > - if (hub) > + if (hub) { > + if (hub->ports) > + free(hub->ports, M_USBDEV); > free(hub, M_USBDEV); > + } > dev->hub = NULL; > }
