[Simh] Possible bug in sim_ether.c

[Michael Bloom]

Can eth_close ever be called with a null pointer as it's "dev" argument?

The third line of the routine dereferences "dev",  but the dereference 
is then followed by a null pointer test.

Testing for null after dereferencing it, is either too late, or is (in 
the case of NULL _never_ being passed) unnecessary.

But "unnecessary" is a dangerous word.  Even if one *knows* that NULL 
will never be passed, however,  someone else could write some code that 
calls eth_close and DOES pass a null pointer, on the assumption that 
eth_close would check it's argument for NULL and therefore she could 
pass anything she likes with impunity.   It's an argument I had over and 
over again with a former boss who had an aversion to checking for NULL 
and whose code often ended up needing fixing. (He actually argued that 
he could detect any null pointer dereferences by catching SIGSEGV while 
he was testing, so he didn't need to waste time checking for NULL!)

    t_stat eth_close(ETH_DEV* dev)
    {
    char* msg = "Eth: closed %s\r\n";
    pcap_t *pcap;
    int pcap_fd = dev->fd_handle;

    /* make sure device exists */
    if (!dev) return SCPE_UNATT;

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.trailing-edge.com/pipermail/simh/attachments/20120318/f7a66eae/attachment-0002.html>