Safeguarding the past, present and future of RISC OS for everyone
Account
News | Downloads | Bugs | Bounties | Forums | Library
Forums → Bugs →

USB module bug

Subscribe to USB module bug 1 post, 1 voice

 
May 9, 2013 2:58pm
Avatar Colin (478) 2433 posts

In USBModule.c

In the service_call function you have:

 1472:     char* real_serv = malloc (size);
 1473:     USBServiceCall* serv = (USBServiceCall*) (link? real_serv + 4: real_serv);
 1474: 
 1475:     if (serv == NULL)
 1476:     {
 1477:         return 0;
 1478:     }
 1479:     memset (real_serv, 0, size);

which means if malloc returns 0 and link != 0 memset and the rest of service_call will try to reference an invalid pointer.

The same thing happens at line 1380.

Change serv to real_serv in lines 1475 and 1384.

Edit:
I may as well add the lack of va_end in port.c lines 109 and 430.

Reply

To post replies, please first log in.

Forums → Bugs →

Search forums

Social

Follow us on and

ROOL Store

Buy RISC OS Open merchandise here, including SD cards for Raspberry Pi and more.

Donate! Why?

Help ROOL make things happen – please consider donating!

RISC OS IPR

RISC OS is an Open Source operating system owned by RISC OS Developments Ltd and licensed primarily under the Apache 2.0 license.

Description

Bug discussions that aren’t covered by the bugs database.

Voices

  • Colin (478)

Options

  • Forums
  • Login
Contact Us  |  About Us

The RISC OS Open Beast theme is based on Beast's default layout
Site design © RISC OS Open Limited 2024 except where indicated

Hosted by Arachsys

Powered by Beast © 2006 Josh Goebel and Rick Olson
This site runs on Rails