Wild pointer in ipv6_get_header() and ipv4_get_header() functions
Bug #609736 reported by
Didier Barvaux
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | ||
|---|---|---|---|---|---|---|
| rohc | Status tracked in Rohc-main | |||||
| 1.2.x |
Fix Released
|
High
|
Didier Barvaux | |||
| 1.3.x |
Fix Released
|
High
|
Didier Barvaux | |||
| Rohc-main |
Invalid
|
Undecided
|
Didier Barvaux | |||
Bug Description
When I using the ROHC code,I find a segment of code canot understanding:
struct ip6_hdr * ipv6_get_
{
struct ip6_hdr *header;
if(ip.version == IPV6)
header = &ip.header.v6;
else
header = NULL;
return header;
}
I think when the function end,the "ip" which used in this function(it's not the "ip" of parameter ) will be free,so the point "header" will be a wild pointer.
Revision history for this message
| Didier Barvaux (didier-barvaux) wrote | #1 |
Revision history for this message
| Didier Barvaux (didier-barvaux) wrote | #2 |
Revision history for this message
| Didier Barvaux (didier-barvaux) wrote | #3 |
Revision history for this message
| Didier Barvaux (didier-barvaux) wrote | #4 |
Revision history for this message
| Didier Barvaux (didier-barvaux) wrote | #5 |
Revision history for this message
| Didier Barvaux (didier-barvaux) wrote | #6 |
Revision history for this message
| Didier Barvaux (didier-barvaux) wrote | #7 |
To post a comment you must log in.
Problem reported in question #118413 by someone with a very strange name :)