Wild pointer in ipv6_get_header() and ipv4_get_header() functions
Bug #609736 reported by
Didier Barvaux
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
rohc | Status tracked in Rohc-main | |||||
1.2.x |
Fix Released
|
High
|
Didier Barvaux | |||
1.3.x |
Fix Released
|
High
|
Didier Barvaux | |||
Rohc-main |
Invalid
|
Undecided
|
Didier Barvaux |
Bug Description
When I using the ROHC code,I find a segment of code canot understanding:
struct ip6_hdr * ipv6_get_
{
struct ip6_hdr *header;
if(ip.version == IPV6)
header = &ip.header.v6;
else
header = NULL;
return header;
}
I think when the function end,the "ip" which used in this function(it's not the "ip" of parameter ) will be free,so the point "header" will be a wild pointer.
To post a comment you must log in.
Problem reported in question #118413 by someone with a very strange name :)