NetBSD Problem Report #52964

From www@NetBSD.org  Tue Jan 30 16:53:09 2018
Message-Id: <20180130165308.AB8807A1F7@mollari.NetBSD.org>
Date: Tue, 30 Jan 2018 16:53:08 +0000 (UTC)
From: dcb314@hotmail.com
Reply-To: dcb314@hotmail.com
To: gnats-bugs@NetBSD.org
Subject: src/sys/arch/amd64/amd64/db_interface.c:241: suspicious coding ?
X-Send-Pr-Version: www-1.0

>Number:         52964
>Category:       port-amd64
>Synopsis:       src/sys/arch/amd64/amd64/db_interface.c:241: suspicious coding ?
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    port-amd64-maintainer
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jan 30 16:55:00 +0000 2018
>Closed-Date:    Fri Feb 09 09:41:46 +0000 2018
>Last-Modified:  Tue Feb 13 06:45:00 +0000 2018
>Originator:     David Binderman
>Release:        cvs-20180130
>Organization:
>Environment:
>Description:
src/sys/arch/amd64/amd64/db_interface.c:241]: (warning) Address of local variable dbreg is assigned to global pointer ddb_regp and not reassigned before dbreg goes out of scope.

Source code is

    ddb_regp = &dbreg;

Surely dangerous to export the address of a local variable outside the
scope of the function ?



>How-To-Repeat:

>Fix:

>Release-Note:

>Audit-Trail:
From: matthew green <mrg@eterna.com.au>
To: gnats-bugs@NetBSD.org
Cc: port-amd64-maintainer@netbsd.org, gnats-admin@netbsd.org,
    netbsd-bugs@netbsd.org
Subject: re: port-amd64/52964: src/sys/arch/amd64/amd64/db_interface.c:241: suspicious coding ?
Date: Wed, 31 Jan 2018 11:59:57 +1100

 > src/sys/arch/amd64/amd64/db_interface.c:241]: (warning) Address of local variable dbreg is assigned to global pointer ddb_regp and not reassigned before dbreg goes out of scope.
 >
 > Source code is
 >
 >     ddb_regp = &dbreg;
 >
 > Surely dangerous to export the address of a local variable outside the
 > scope of the function ?

 this line should assign NULL.  looks like a copy pasto.


 .mrg.

From: "Maxime Villard" <maxv@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52964 CVS commit: src/sys/arch
Date: Fri, 9 Feb 2018 09:36:42 +0000

 Module Name:	src
 Committed By:	maxv
 Date:		Fri Feb  9 09:36:42 UTC 2018

 Modified Files:
 	src/sys/arch/amd64/amd64: db_interface.c
 	src/sys/arch/i386/i386: db_interface.c

 Log Message:
 Reset ddb_regp to NULL. Reported by David Binderman in PR/52964.


 To generate a diff of this commit:
 cvs rdiff -u -r1.27 -r1.28 src/sys/arch/amd64/amd64/db_interface.c
 cvs rdiff -u -r1.76 -r1.77 src/sys/arch/i386/i386/db_interface.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: maxv@NetBSD.org
State-Changed-When: Fri, 09 Feb 2018 09:41:46 +0000
State-Changed-Why:
Fixed, thanks for the report.


From: "Ryota Ozaki" <ozaki-r@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52964 CVS commit: src/sys/arch
Date: Tue, 13 Feb 2018 04:10:41 +0000

 Module Name:	src
 Committed By:	ozaki-r
 Date:		Tue Feb 13 04:10:41 UTC 2018

 Modified Files:
 	src/sys/arch/amd64/amd64: db_interface.c
 	src/sys/arch/i386/i386: db_interface.c

 Log Message:
 Fix NULL pointer dereference via ddb_regs

 ddb_regs can be *ddb_regp (see db_machdep.h) so ddb_regp should be NULL-ed
 after dereference to ddb_regs.

 Also dbreg should be restored to ddb_regp because ddb_regp can be changed
 by db_mach_cpu during db_trap.

 Fix PR 52964
 Helped by nonaka@


 To generate a diff of this commit:
 cvs rdiff -u -r1.29 -r1.30 src/sys/arch/amd64/amd64/db_interface.c
 cvs rdiff -u -r1.78 -r1.79 src/sys/arch/i386/i386/db_interface.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Maxime Villard" <maxv@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52964 CVS commit: src/sys/arch
Date: Tue, 13 Feb 2018 06:44:13 +0000

 Module Name:	src
 Committed By:	maxv
 Date:		Tue Feb 13 06:44:13 UTC 2018

 Modified Files:
 	src/sys/arch/amd64/amd64: db_interface.c
 	src/sys/arch/i386/i386: db_interface.c

 Log Message:
 Remove double declaration; 'ddb_regs' is already declared as a macro
 in db_machdep.h if MULTIPROCESSOR is on, and the macro has higher
 priority.

 Don't declare 'ddb_regs' locally in this case, because it is misleading.
 Part of PR/52964.


 To generate a diff of this commit:
 cvs rdiff -u -r1.31 -r1.32 src/sys/arch/amd64/amd64/db_interface.c
 cvs rdiff -u -r1.80 -r1.81 src/sys/arch/i386/i386/db_interface.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
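
The exit-path ordering that the commit messages in this PR discuss, shown as an added C model that is not NetBSD's code. `db_regs_t`, `kdb_trap_model`, `db_trap_model`, `other_cpu_regs` and the hazard flags are hypothetical stand-ins, and the NULL dereference is detected rather than executed.

```c
#include <stddef.h>
#include <stdio.h>
typedef struct { long rip, rax; } db_regs_t;  /* stand-in register set */
db_regs_t *ddb_regp;                          /* global read by debugger commands */
#define ddb_regs (*ddb_regp)                  /* macro form named in the commit log */
static db_regs_t other_cpu_regs;              /* hypothetical: another CPU's regs */

enum exit_order { LEAK_POINTER, NULL_BEFORE_COPY, RESTORE_COPY_NULL };
enum { WOULD_DEREF_NULL = 1, COPIED_WRONG_CPU = 2, LEFT_DANGLING = 4 };

/* Stand-in for db_trap(): operator edits a register, then may switch CPU. */
static void db_trap_model(int switch_cpu) {
    ddb_regs.rax = 0x1234;
    if (switch_cpu)
        ddb_regp = &other_cpu_regs;           /* effect the log ascribes to db_mach_cpu */
}

/* Returns a bitmask of the hazards the chosen exit ordering runs into. */
int kdb_trap_model(enum exit_order order, int switch_cpu, db_regs_t *regs) {
    db_regs_t dbreg;                          /* lives only for this call */
    int hazards = 0;
    ddb_regp = &dbreg;                        /* publish the local's address */
    ddb_regs = *regs;                         /* copy in through the macro */
    db_trap_model(switch_cpu);
    if (order == NULL_BEFORE_COPY)
        ddb_regp = NULL;                      /* reset placed before the last use */
    if (order == RESTORE_COPY_NULL)
        ddb_regp = &dbreg;                    /* undo any CPU switch first */
    if (ddb_regp == NULL) {
        hazards |= WOULD_DEREF_NULL;          /* "*regs = ddb_regs" would fault */
    } else {
        if (ddb_regp != &dbreg)
            hazards |= COPIED_WRONG_CPU;      /* wrong register set written back */
        *regs = ddb_regs;
    }
    if (order == RESTORE_COPY_NULL)
        ddb_regp = NULL;                      /* only after the last ddb_regs use */
    if (ddb_regp == &dbreg) {
        hazards |= LEFT_DANGLING;             /* global would outlive the local */
        ddb_regp = NULL;                      /* model cleans up to stay defined */
    }
    return hazards;
}

int main(void) {
    db_regs_t r = { 0x1000, 0 };              /* constructed sample trap frame */
    for (int order = LEAK_POINTER; order <= RESTORE_COPY_NULL; order++)
        printf("order %d: hazards %d\n", order, kdb_trap_model(order, 1, &r));
}
```
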

>Unformatted:
