Details
Description
** CID 1394567: Null pointer dereferences (FORWARD_NULL)
|
/src/log/log.c: 1908 in __log_has_hole()
|
|
|
*** CID 1394567: Null pointer dereferences (FORWARD_NULL)
|
/src/log/log.c: 1908 in __log_has_hole()
|
1902 /*
|
1903 * Find where the next log record starts after the
|
1904 * hole.
|
1905 */
|
1906 for (p = buf, buf_left = rdlen; buf_left > 0;
|
1907 buf_left -= rdlen, p += rdlen) {
|
>>> CID 1394567: Null pointer dereferences (FORWARD_NULL)
|
>>> Dereferencing null pointer "log".
|
1908 rdlen = WT_MIN(log->allocsize, buf_left);
|
1909 if (memcmp(p, zerobuf, rdlen) != 0)
|
1910 break;
|
1911 }
|
1912 /*
|
1913 * A presumed log record begins here where the buffer
|
donald.anderson, Coverity thinks that because there's a check for log == NULL earlier in the function, there's a risk of a NULL dereference here. The earlier check is:
/*
|
* It can be very slow looking for the last real record in the log
|
* in very small chunks. Walk a megabyte at a time. If we find a
|
* part of the log that is not just zeroes we know this log file
|
* has a hole in it.
|
*/
|
buf = zerobuf = NULL;
|
if (log == NULL || log->allocsize < WT_MEGABYTE)
|
bufsz = WT_MEGABYTE;
|
else
|
bufsz = log->allocsize;
|
I'm assuming this is yours since the check was just merged into develop.
Attachments
Issue Links
- is duplicated by
-
WT-4227 log_has_hole derefencing NULL log pointer
-
- Closed
-