Re: [PATCH 4/6] drivers/net/fs_enet: remove null pointer dereference

From: Jeff Garzik
Date: Thu May 22 2008 - 06:27:34 EST

Julia Lawall wrote:
From: Julia Lawall <julia@xxxxxxx>

The following code appears in the function fs_init_instance in the file drivers/net/fs_enet/fs_enet-main.c.

if (fep->ops == NULL) {
": %s No matching ops found (%d).\n",
ndev->name, fpi->fs_no);
err = -EINVAL;
goto err;

This code implies that at the point of err, fep->ops can be NULL, so an
extra test is needed before dereferencing this value.

This problem was found using the following semantic match

// <smpl>
expression E, E1;
identifier f;
statement S1,S2,S3;

* if (E == NULL)
... when != if (E == NULL) S1 else S2
when != E = E1
* E->f
... when any
return ...;
else S3
// </smpl>

Signed-off-by: Julia Lawall <julia@xxxxxxx>


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at