Uploaded image for project: 'WiredTiger'
  1. WiredTiger
  2. WT-12862

Null pointer dereference in src/os_posix/os_fs.c

    • Storage Engines
    • 1
    • Megabat - 2024-05-14, 2024-05-28 - FOLLOW ON SPRINT

      I was poking around the wired tiger repo with the static analysis tool I worked on previously, one of the things that it found is this.

      src/os_posix/os_fs.c
      
      ❯❯❱ cpp.lang.security.memory.null-deref.null-library-function.null-library-function
      The `strrchr` function returns NULL on error and this line dereferences the return value without checking for NULL. Details: https://sg.run/OrLxp
      
      130┆ strrchr(dir, '/')[1] = '\0';
      

       
      That code is found here 

      Discussing this with Keith, the thinking is this implicit assert is better replaced with an explicit WT_ASSERT_ALWAYS so that if it ever fires we get useful data back.

            Assignee:
            jonas.bergler@mongodb.com Jonas Bergler
            Reporter:
            jonas.bergler@mongodb.com Jonas Bergler
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: