NULL POINTER DEREFERENCE USB 5.0 STACK

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

NULL POINTER DEREFERENCE USB 5.0 STACK

603 Views
johnstrohm
Contributor III

In file usb_dev.c, routine _usb_device_call_service_internal(), which starts at line 231:

On line 239, service_ptr is set to NULL.

    service_struct_t*             service_ptr = NULL;   // line 239

service_ptr is then dereferenced, on lines 248, 251, 255, 258, and 263.

            USB_Control_Service(&usb_dev_ptr->usb_framework, event, service_ptr->arg);  // line 248

            USB_Reset_Service(&usb_dev_ptr->usb_framework, event, service_ptr->arg);    // line 251

            USB_Suspend_Service(&usb_dev_ptr->usb_framework, event, service_ptr->arg);  // line 255

            USB_Resume_Service(&usb_dev_ptr->usb_framework, event, service_ptr->arg);   // line 258

            USB_Error_Service(&usb_dev_ptr->usb_framework, event, service_ptr->arg);    // line 263

You get away with it because Freescale processors traditionally have readable (usually read-only) memory starting at address 0x00000000, so the hardware doesn't trap those accesses.

This is really a bad idea, guys.

Labels (2)
Tags (2)
0 Kudos
2 Replies

412 Views
Jorge_Gonzalez
NXP Employee
NXP Employee

Hello John Strohm:

Thanks a lot for your feedback about the USB stack. I agree that dereferencing a NULL pointer is not a good programming practice.

I checked the latest USB stack which is present in Kinetis SDK (Software Development Kit for Kinetis MCUs) and this is already fixed as next:

USB_Control_Service(&usb_dev_ptr->usb_framework, event, NULL);

USB_Reset_Service(&usb_dev_ptr->usb_framework, event, NULL);

...

So actually the last parameter is not currently used.


Regards!,
Jorge Gonzalez

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos

412 Views
bobpaddock
Senior Contributor III

John, thank you for the work you are doing.

Perhaps someone at Freescale might invest in a copy of Lint:

The Leader in Static Analysis for C/C++ -- PC-lint and FlexeLint

0 Kudos