Showing error 1888

User: Jiri Slaby
Error type: Invalid Pointer Dereference
Error type description: A pointer which is invalid is being dereferenced
File location: net/ipv4/igmp.c
Line in file: 2170
Project: Linux Kernel
Project version: 2.6.28
Tools: Smatch (1.59)
Entered: 2013-09-11 08:47:26 UTC

Source: 

2140        if (!ipv4_is_multicast(addr))
2141                return -EINVAL;
2142
2143        rtnl_lock();
2144
2145        err = -EADDRNOTAVAIL;
2146
2147        for (pmc=inet->mc_list; pmc; pmc=pmc->next) {
2148                if (pmc->multi.imr_multiaddr.s_addr == addr &&
2149                    pmc->multi.imr_ifindex == gsf->gf_interface)
2150                        break;
2151        }
2152        if (!pmc)                /* must have a prior join */
2153                goto done;
2154        gsf->gf_fmode = pmc->sfmode;
2155        psl = pmc->sflist;
2156        rtnl_unlock();
2157        count = psl ? psl->sl_count : 0;
2158        copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc;
2159        gsf->gf_numsrc = count;
2160        if (put_user(GROUP_FILTER_SIZE(copycount), optlen) ||
2161            copy_to_user(optval, gsf, GROUP_FILTER_SIZE(0))) {
2162                return -EFAULT;
2163        }
2164        for (i=0; i<copycount; i++) {
2165                struct sockaddr_storage ss;
2166
2167                psin = (struct sockaddr_in *)&ss;
2168                memset(&ss, 0, sizeof(ss));
2169                psin->sin_family = AF_INET;
2170                psin->sin_addr.s_addr = psl->sl_addr[i];
2171                if (copy_to_user(&optval->gf_slist[i], &ss, sizeof(ss)))
2172                        return -EFAULT;
2173        }
2174        return 0;
2175done:
2176        rtnl_unlock();
2177        return err;
2178}
2179
2180/*
Show full sources