[pulseaudio-discuss] [PATCH 1/2] bluetooth: Fix potential NULL pointer dereference
Peter Meerwald-Stadler
pmeerw at pmeerw.net
Wed Aug 17 12:43:15 UTC 2016
> > CID 1353122
> >
> > Signed-off-by: Peter Meerwald-Stadler <pmeerw at pmeerw.net>
> > ---
> > src/modules/bluetooth/bluez4-util.c | 10 +++++-----
> > 1 file changed, 5 insertions(+), 5 deletions(-)
> >
> > diff --git a/src/modules/bluetooth/bluez4-util.c
> > b/src/modules/bluetooth/bluez4-util.c
> > index 3793898..542ce35 100644
> > --- a/src/modules/bluetooth/bluez4-util.c
> > +++ b/src/modules/bluetooth/bluez4-util.c
> > @@ -657,13 +657,13 @@ static void
> > get_properties_reply(DBusPendingCall *pending, void *userdata) {
> >
> > pa_assert(p->call_data == d);
> >
> > - if (d != NULL)
> > + if (d != NULL) {
> > old_any_connected = pa_bluez4_device_any_audio_connected(d);
> > + valid = dbus_message_get_type(r) == DBUS_MESSAGE_TYPE_ERROR
> > ? -1 : 1;
> >
> > - valid = dbus_message_get_type(r) == DBUS_MESSAGE_TYPE_ERROR ? -1
> > : 1;
> > -
> > - if (dbus_message_is_method_call(p->message, "org.bluez.Device",
> > "GetProperties"))
> > - d->device_info_valid = valid;
> > + if (dbus_message_is_method_call(p->message,
> > "org.bluez.Device", "GetProperties"))
> > + d->device_info_valid = valid;
> > + }
> >
> > if (dbus_message_is_error(r, DBUS_ERROR_SERVICE_UNKNOWN)) {
> > pa_log_debug("Bluetooth daemon is apparently not
> > available.");
>
> I don't think there's any risk of NULL pointer dereference, so the
> commit message needs to be changed. The change itself is fine, though,
> if it gets rid of a false positive from Coverity.
I can't find an easy argument why the NULL dereference can't happen (as I
am not intimate with the semantics of the dbus functions involved)
why is d always != NULL when
dbus_message_is_method_call(p->message, "org.bluez.Device", "GetProperties") != 0?
will to change to: reorganize code to avoid Coverity warning
thanks, p.
--
Peter Meerwald-Stadler
+43-664-2444418 (mobile)
More information about the pulseaudio-discuss
mailing list