Return-Path: X-Original-To: apmail-openoffice-dev-archive@www.apache.org Delivered-To: apmail-openoffice-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0409118E87 for ; Tue, 1 Mar 2016 03:40:56 +0000 (UTC) Received: (qmail 84248 invoked by uid 500); 1 Mar 2016 03:40:55 -0000 Delivered-To: apmail-openoffice-dev-archive@openoffice.apache.org Received: (qmail 84163 invoked by uid 500); 1 Mar 2016 03:40:54 -0000 Mailing-List: contact dev-help@openoffice.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@openoffice.apache.org Delivered-To: mailing list dev@openoffice.apache.org Received: (qmail 84148 invoked by uid 99); 1 Mar 2016 03:40:53 -0000 Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 Mar 2016 03:40:53 +0000 Received: from [192.168.0.102] (unknown [181.55.232.163]) by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id 347401A00C5; Tue, 1 Mar 2016 03:40:53 +0000 (UTC) From: Pedro Giffuni Subject: Re: Profile.c bugs (was RE: Some thoughts on the learning curve) To: orcmid@apache.org, OOo Apache Message-ID: <56D50F6F.4000301@apache.org> Date: Mon, 29 Feb 2016 22:41:35 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------020702020207040704090300" --------------020702020207040704090300 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Hello; FWIW, I have looked at i126669 and Coverity confirms there is a bug there. CID 440168 (#1 of 1): Dereference after null check (FORWARD_NULL)9. var_deref_model: Passing null pointer "&pProfile->m_AccessLock" to function "pthread_mutex_unlock(pthread_mutex_t *)", which dereferences it. I suggest taking pthread_mutex_unlock outside the "if". I am attaching a patch: CC'd to orcmid jic the list rejects it. Of course it needs testing and you have to check the windows code too. Pedro. --------------020702020207040704090300 Content-Type: text/x-patch; name="bz-i126669.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="bz-i126669.diff" Index: main/sal/osl/unx/profile.c =================================================================== --- main/sal/osl/unx/profile.c (revision 1732991) +++ main/sal/osl/unx/profile.c (working copy) @@ -317,12 +317,15 @@ if ( pProfile == 0 ) { - pthread_mutex_unlock(&(pProfile->m_AccessLock)); #ifdef TRACE_OSL_PROFILE OSL_TRACE("Out osl_closeProfile [pProfile==0]\n"); #endif return sal_False; } + else + { + pthread_mutex_unlock(&(pProfile->m_AccessLock)); + } if (pProfile->m_pFile != NULL) closeFileImpl(pProfile->m_pFile,pProfile->m_Flags); --------------020702020207040704090300 Content-Type: text/plain; charset=us-ascii --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org For additional commands, e-mail: dev-help@openoffice.apache.org --------------020702020207040704090300--