[llvm-bugs] [Bug 23965] False positive in checker: Use of memory after it is freed
via llvm-bugs
llvm-bugs at lists.llvm.org
Sat Aug 15 11:48:08 PDT 2015
https://llvm.org/bugs/show_bug.cgi?id=23965
Ismail Pazarbasi <ismail.pazarbasi at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |ismail.pazarbasi at gmail.com
Resolution|--- |INVALID
--- Comment #3 from Ismail Pazarbasi <ismail.pazarbasi at gmail.com> ---
This isn't a false-positive. It's a genuine problem in the code.
https://github.com/aircrack-ng/aircrack-ng/blob/master/src/airserv-ng.c#L141
`c` is a function parameter, whose scope is limited to the function it's
declared in. Assigning NULL to it inside function scope won't change the
argument in outer scope. When `client_send_kill` returns, argument `c` that was
passed from `net_send_kill` will keep its old value, which is now-freed memory.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20150815/4eb60d66/attachment.html>
More information about the llvm-bugs
mailing list