On Mon, Nov 18, 2019 at 09:50:13AM +0800, pannengyuan@huawei.com wrote:
> From: PanNengyuan <pannengyuan@huawei.com>
>
> source is being dereferenced before it is null checked, hence there is a
> potential null pointer dereference.
>
> This fixes:
> 360
> CID 68911917: (NULL_RETURNS)
> 361. dereference: Dereferencing "source", which is known to be
> "NULL".
> 361 if (source->mask & event_mask) {
> 362 break;
> 363 }
>
> Reported-by: Euler Robot <euler.robot@huawei.com>
> Signed-off-by: PanNengyuan <pannengyuan@huawei.com>
I don't think this is the right solution. The only events we ever
generated are LOG_TYPE_EPOW and LOG_TYPE_HOTPLUG, so in fact source
should never be NULL.
I think the correct way to satisfy Coverity here is to have
rtas_event_log_to_source() do an assert(), rather than returning NULL
for other event types.
> ---
> hw/ppc/spapr_events.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/ppc/spapr_events.c b/hw/ppc/spapr_events.c
> index 0e4c195..febd2ef 100644
> --- a/hw/ppc/spapr_events.c
> +++ b/hw/ppc/spapr_events.c
> @@ -358,7 +358,7 @@ static SpaprEventLogEntry *rtas_event_log_dequeue(SpaprMachineState *spapr,
> rtas_event_log_to_source(spapr,
> spapr_event_log_entry_type(entry));
>
> - if (source->mask & event_mask) {
> + if (source && (source->mask & event_mask)) {
> break;
> }
> }
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson