A potential bug of null pointer dereference(5)

Open ash1852 opened this issue 2 years ago • 0 comments

Hello, I found a potential null pointer dereference bug in the source code of dynamips. Would you help me check whether this bug is true? Thank you very much for your effort and patience.

Step 1: In file dynamips/common/cisco_card.c, function vm_slot_get_info, line 250: Store null to rc

Step 2: In file dynamips/common/cisco_card.c, function vm_slot_get_info, line 251: Program reaches the return point, modifying the value *(rc) to null

Step 3: In file dynamips/common/cisco_card.c, function vm_slot_translate_port_id, line 308: Function vm_slot_get_info modifies the value tmp to null, where &(tmp) is used as the 4th parameter (rc)

Step 4: In file dynamips/common/cisco_card.c, function vm_slot_translate_port_id, line 309: Load value from tmp

ash1852, Sep 27 '21 06:09
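The pattern traced in the four steps above (a callee that stores NULL through an out-parameter on its failure path, and a caller that then loads from that pointer), modelled as an added example that is not part of the original report and is not dynamips code. All names, types and the slot table are hypothetical and constructed for illustration; the checked caller shows the guard a reviewer would look for at the call site.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model of the reported pattern; no name or type here comes
 * from dynamips. */
struct card { unsigned type; unsigned nr_ports; };
#define MAX_SLOTS 4

/* Callee: on failure it stores NULL through the out-parameter and returns
 * -1, so *rc is only valid when the return value is 0. */
static int slot_get_info(struct card *slots[], unsigned slot_id,
                         struct card **rc)
{
    if (slot_id >= MAX_SLOTS || slots[slot_id] == NULL) {
        *rc = NULL;
        return -1;
    }
    *rc = slots[slot_id];
    return 0;
}

/* Caller shape an analyzer flags: status ignored, tmp loaded
 * unconditionally. Only safe when the slot is known to be populated. */
static unsigned port_count_unchecked(struct card *slots[], unsigned slot_id)
{
    struct card *tmp;
    slot_get_info(slots, slot_id, &tmp);
    return tmp->nr_ports;
}

/* Hardened caller: checks status and pointer, propagates the failure,
 * and leaves *nr_ports untouched when there is no card. */
static int port_count_checked(struct card *slots[], unsigned slot_id,
                              unsigned *nr_ports)
{
    struct card *tmp = NULL;
    if (slot_get_info(slots, slot_id, &tmp) != 0 || tmp == NULL)
        return -1;
    *nr_ports = tmp->nr_ports;
    return 0;
}

int main(void)
{
    struct card c = { 1, 8 };                                 /* constructed */
    struct card *slots[MAX_SLOTS] = { &c, NULL, NULL, NULL }; /* constructed */
    unsigned n = 0;
    printf("slot 0 unchecked: %u\n", port_count_unchecked(slots, 0));
    printf("slot 1 checked:   %d\n", port_count_checked(slots, 1, &n));
    return 0;
}
```

Whether a trace like this is a real defect depends on whether any reachable caller can pass an empty or out-of-range slot; if callers already guarantee a populated slot, the finding is a false positive.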