Closed ycaibb closed 4 years ago
Would you mind sending a patch that calls the critical logging function when hash_str_new() fails in parse_listener_prefix()?
On Thu, Sep 3, 2020, 01:48 Ryan notifications@github.com wrote:
Hi, developers, I found Null pointer deference on function hash_add.
The function is in lwan/src/lib/hash.c
int hash_add(struct hash hash, const void key, const void value) { struct hash_entry entry = hash_add_entry(hash, key);
if (!entry) return -errno; hash->free_value((void *)entry->value); // hash is null, null pointer dererference happens here hash->free_key((void *)entry->key); return 0;
}
The function is in lwan/src/lib/lwan.c
static void parse_listener_prefix(struct config c, const struct config_line l, struct lwan lwan, const struct lwan_module module, void handler) { struct lwan_url_map url_map = {}; struct hash hash = hash_str_new(free, free); //hash can be null ...; while ((l = config_read_line(c))) { switch (l->type) { case CONFIG_LINE_TYPE_LINE: hash_add(hash, strdup(l->key), strdup(l->value)); // hash is null break;
....; }
}
The function is in lwan/src/lib/hash.c
struct hash hash_str_new(void (free_key)(void value), void (free_value)(void value)) { return hash_internal_new( hash_str, (int ()(const void , const void ))strcmp, free_key ? free_key : no_op, free_value ? free_value : no_op); //return null to the caller }
The function is in lwan/src/lib/hash.c.
static struct hash hash_internal_new(unsigned int (hash_value)(const void key), int (key_compare)(const void k1, const void k2), void (free_key)(void value), void (free_value)(void value)) { struct hash hash = malloc(sizeof(hash));
if (hash == NULL) return NULL; //return null to the caller
...; }
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/lpereira/lwan/issues/289, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAADVGLVNL76NZAQPXWGSF3SD5J7RANCNFSM4QUQDQIQ .
Hi, Leandro
Sorry, I don't have a patch. It is reported by my static analysis tool.
I see. Which tool is it?
(Issue has been addressed, thanks for reporting.)
Hi, developers, I found Null pointer deference on function hash_add.
The function is in lwan/src/lib/hash.c
The function is in lwan/src/lib/lwan.c
The function is in lwan/src/lib/hash.c
The function is in lwan/src/lib/hash.c.