NULL ptr dereferences found with Calysto static checker

Domagoj Babic babic.domagoj at
Thu Jun 21 04:06:31 EST 2007


I've ran my static checker Calysto on openssh and found the following bug:

Possible NULL-ptr deref (vc536):
+ ptr gtm returned from gmtime dereferenced without checking (gmtime can
return NULL).

There are probably more possible NULL-ptr dereferences, but Calysto
currently does not check the usage of library functions (for instance,
if external library function foo dereferences a pointer, Calysto can't figure
that out unless the code for foo was compiled into the same module).

Specification of external libraries will be done by early Aug.


        Domagoj Babic

More information about the openssh-unix-dev mailing list