]> git.openfabrics.org - ~shefty/rdma-win.git/commitdiff
projects / ~shefty / rdma-win.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2b29e02)
indexlist: fix dereferencing NULL pointer
authorshefty <shefty@ad392aa1-c5ef-ae45-8dd8-e69d62a5ef86>
Thu, 22 May 2008 01:59:21 +0000 (01:59 +0000)
committershefty <shefty@ad392aa1-c5ef-ae45-8dd8-e69d62a5ef86>
Thu, 22 May 2008 01:59:21 +0000 (01:59 +0000)
If the indexlist has not grown, then pArray is NULL.  Calls to the IndexList API will end up accessing a NULL pointer.  To avoid adding checks (pArray != NULL) in the API, allocate an 'EmptyList' index entry that pArray can reference until the first allocation is done.

Signed-off-by: Sean Hefty <sean.hefty@intel.com>
git-svn-id: svn://openib.tc.cornell.edu/gen1@1200 ad392aa1-c5ef-ae45-8dd8-e69d62a5ef86

branches/winverbs/core/winverbs/kernel/index_list.c patch | blob | history
branches/winverbs/core/winverbs/kernel/index_list.h patch | blob | history

diff --git a/branches/winverbs/core/winverbs/kernel/index_list.c b/branches/winverbs/core/winverbs/kernel/index_list.c
index e6e1296df3ab051ac40beaa858a71f6e5d67365d..552c67b39509d019f23dcc29cd2d7277d0805a3a 100644 (file)
--- a/branches/winverbs/core/winverbs/kernel/index_list.c
+++ b/branches/winverbs/core/winverbs/kernel/index_list.c
@@ -29,6 +29,8 @@
 \r
 #include "index_list.h"\r
 \r
+INDEX_ENTRY EmptyList;\r
+\r
 static BOOLEAN IndexListGrow(INDEX_LIST *pIndexList)\r
 {\r
        INDEX_ENTRY     *array;\r
@@ -47,7 +49,7 @@ static BOOLEAN IndexListGrow(INDEX_LIST *pIndexList)
                pIndexList->FreeList = i;\r
        }\r
 \r
-       if (pIndexList->pArray != NULL) {\r
+       if (pIndexList->pArray != &EmptyList) {\r
                RtlCopyMemory(array, pIndexList->pArray, pIndexList->Size * sizeof(INDEX_ENTRY));\r
                ExFreePool(pIndexList->pArray);\r
        } else {\r
diff --git a/branches/winverbs/core/winverbs/kernel/index_list.h b/branches/winverbs/core/winverbs/kernel/index_list.h
index dd9eac8f79d8a86ecb1f38de9a8d20d4ff09a325..ec0ab7f1c9e12967c635b12cf21cfd2062c09e1f 100644 (file)
--- a/branches/winverbs/core/winverbs/kernel/index_list.h
+++ b/branches/winverbs/core/winverbs/kernel/index_list.h
@@ -42,6 +42,8 @@ typedef struct _INDEX_ENTRY
 \r
 }      INDEX_ENTRY;\r
 \r
+extern INDEX_ENTRY EmptyList;\r
+\r
 // Synchronization must be provided by the caller.\r
 typedef struct _INDEX_LIST\r
 {\r
@@ -53,12 +55,14 @@ typedef struct _INDEX_LIST
 \r
 static void IndexListInit(INDEX_LIST *pIndexList)\r
 {\r
-       RtlZeroMemory(pIndexList, sizeof(INDEX_LIST));\r
+       pIndexList->pArray = &EmptyList;\r
+       pIndexList->FreeList = 0;\r
+       pIndexList->Size = 0;\r
 }\r
 \r
 static void IndexListDestroy(INDEX_LIST *pIndexList)\r
 {\r
-       if (pIndexList->pArray != NULL) {\r
+       if (pIndexList->pArray != &EmptyList) {\r
                ExFreePool(pIndexList->pArray);\r
        }\r
 }\r
Clone of Windows SVN development tree