Null pointer dereference in src/os_posix/os_fs.c

XMLWordPrintableJSON

    • Storage Engines
    • Megabat - 2024-05-14, 2024-05-28 - FOLLOW ON SPRINT
    • 1

      I was poking around the wired tiger repo with the static analysis tool I worked on previously, one of the things that it found is this.

      src/os_posix/os_fs.c
      
      ❯❯❱ cpp.lang.security.memory.null-deref.null-library-function.null-library-function
      The `strrchr` function returns NULL on error and this line dereferences the return value without checking for NULL. Details: https://sg.run/OrLxp
      
      130┆ strrchr(dir, '/')[1] = '\0';
      

       
      That code is found here 

      Discussing this with Keith, the thinking is this implicit assert is better replaced with an explicit WT_ASSERT_ALWAYS so that if it ever fires we get useful data back.

              Assignee:
              Jonas Bergler
              Reporter:
              Jonas Bergler
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: