[Spice-devel] [linux-agent v1 4/5] x11: Avoid dereference of a null pointer
Frediano Ziglio
fziglio at redhat.com
Tue Dec 18 17:43:13 UTC 2018
>
> From: Victor Toso <me at victortoso.com>
>
> Found by coverity:
> | warning: Access to field 'next' results in a dereference of a
> | null pointer (loaded from variable 'prev_sel')
>
> Signed-off-by: Victor Toso <victortoso at redhat.com>
> ---
> src/vdagent/x11.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/vdagent/x11.c b/src/vdagent/x11.c
> index c3c7a65..69eed4a 100644
> --- a/src/vdagent/x11.c
> +++ b/src/vdagent/x11.c
> @@ -394,7 +394,7 @@ static void vdagent_x11_set_clipboard_owner(struct
> vdagent_x11 *x11,
> x11->selection_req_data_pos = 0;
> x11->selection_req_data_size = 0;
> x11->selection_req_atom = None;
> - } else {
> + } else if (prev_sel != NULL) {
> prev_sel->next = next_sel;
> }
> free(curr_sel);
This is a false positive, if is not the first there's a previous.
Not that I have an easy suggestion on how to make Coverity understand this!
One way would be to change prev_sel to a pointer to the next so
initializing it like
struct vdagent_x11_selection_request **p_prev_next = &x11->selection_req;
and update with
p_prev_next = &curr_sel->next;
Frediano
More information about the Spice-devel
mailing list