Driver Development Kit (DDK)


Bug in SGLChunkyLink could cause crash if DMA allocation fails

While running a static analysis tool, I came across a bug which, if hit, would cause a CRASH.

 

In the constructor tCHInChSGLChunkyLink::tCHInChSGLChunkyLink,

 

      _linkMemory = _bus->allocDMA(_maxSize);
      if (_linkMemory == NULL)
      {
         status.setCode(kBufferBadMemoryAllocation);
      }

      // Enforce 8-byte alignment for link memory addresses
      if (_linkMemory->getPhysicalAddress() % 8 != 0)
      {
         status.setCode(kBufferBadAlignment);
      }

 

If the memory could not be allocated, then _linkMemory is dereferenced.

The fix should move the dereference inside an "if (status.isNotFatal)" check.

0 Kudos
Message 1 of 2
(5,685 Views)
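
The guarded form suggested in the post above, as an added example that is not part of the original post and is not NI's DDK code. The types tStatus, tDMAMemory, tBus and tLink, the kOk code, the numeric status values and the helper constructAndGetCode are constructed stand-ins; only allocDMA, getPhysicalAddress, setCode, isNotFatal and the two error codes are names from the post.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>

// Constructed stand-ins for the DDK types (assumptions, not the real classes).
// Negative codes are treated as fatal; the numeric values are made up.
enum tCode { kOk = 0, kBufferBadMemoryAllocation = -1, kBufferBadAlignment = -2 };

struct tStatus {
    int code = kOk;
    // Keep the first fatal code so a later check cannot mask the root cause.
    void setCode(int c) { if (code >= 0) code = c; }
    bool isNotFatal() const { return code >= 0; }
};

struct tDMAMemory {
    std::uint64_t physical;
    std::uint64_t getPhysicalAddress() const { return physical; }
};

struct tBus {
    bool failAlloc;            // simulate DMA exhaustion
    std::uint64_t nextAddress; // physical address handed out on success
    tDMAMemory* allocDMA(std::size_t) {
        return failAlloc ? nullptr : new tDMAMemory{nextAddress};
    }
};

class tLink {
public:
    tLink(tBus* bus, std::size_t maxSize, tStatus& status) {
        _linkMemory.reset(bus->allocDMA(maxSize));
        if (!_linkMemory) status.setCode(kBufferBadMemoryAllocation);

        // Enforce 8-byte alignment, but only touch the allocation when
        // nothing above failed, so a NULL _linkMemory is never dereferenced.
        if (status.isNotFatal() && _linkMemory->getPhysicalAddress() % 8 != 0) {
            status.setCode(kBufferBadAlignment);
        }
    }
private:
    std::unique_ptr<tDMAMemory> _linkMemory;
};

int constructAndGetCode(bool failAlloc, std::uint64_t address) {
    tBus bus{failAlloc, address};
    tStatus status;
    tLink link(&bus, 4096, status);
    return status.code;
}
```

With the failing allocator the constructor returns with kBufferBadMemoryAllocation set instead of faulting, and the alignment check still fires for a successful but misaligned allocation.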

Hello Kenstern,

 

I appreciate you letting us know about your findings. I've recorded this in a bug report and we will be investigating the potential issue.

 

Thanks,

Steven T.

0 Kudos
Message 2 of 2
(5,676 Views)