[PATCH] kernel-device: avoid potential NULL dereference
Aleksander Morgado
aleksander at aleksander.es
Tue Aug 15 07:43:38 UTC 2017
On 12/08/17 09:08, Ben Chan wrote:
> The patch fixes get_device_ids() in mm-kernel-device-udev.c to avoid
> potential NULL dereferences of the 'vendor' argument. It also rearranges
> the code such that the 'vendor' argument is updated only when the
> function returns TRUE, just like how the 'product' argument is handled.
> ---
Looks like this method is only used in a single place, and vendor and product are always defined (never NULL). How about removing the if (vendor) and if (product) checks? I agree with the reorder, though.
> src/kerneldevice/mm-kernel-device-udev.c | 16 ++++++----------
> 1 file changed, 6 insertions(+), 10 deletions(-)
>
> diff --git a/src/kerneldevice/mm-kernel-device-udev.c b/src/kerneldevice/mm-kernel-device-udev.c
> index e8763f7e..e2c2bf34 100644
> --- a/src/kerneldevice/mm-kernel-device-udev.c
> +++ b/src/kerneldevice/mm-kernel-device-udev.c
> @@ -119,23 +119,19 @@ get_device_ids (GUdevDevice *device,
> if (strlen (vid) != 4)
> goto out;
>
> - if (vendor) {
> - *vendor = (guint16) (mm_utils_hex2byte (vid + 2) & 0xFF);
> - *vendor |= (guint16) ((mm_utils_hex2byte (vid) & 0xFF) << 8);
> - }
> -
> if (!pid)
> pid = g_udev_device_get_property (device, "ID_MODEL_ID");
> - if (!pid) {
> - *vendor = 0;
> + if (!pid)
> goto out;
> - }
>
> if (strncmp (pid, "0x", 2) == 0)
> pid += 2;
> - if (strlen (pid) != 4) {
> - *vendor = 0;
> + if (strlen (pid) != 4)
> goto out;
> +
> + if (vendor) {
> + *vendor = (guint16) (mm_utils_hex2byte (vid + 2) & 0xFF);
> + *vendor |= (guint16) ((mm_utils_hex2byte (vid) & 0xFF) << 8);
> }
>
> if (product) {
>
--
Aleksander
https://aleksander.es
More information about the ModemManager-devel
mailing list