[Spice-devel] [spice-gtk 2/3] gtk: don't attempt to dereference NULL pointer
Christophe Fergeau
cfergeau at gmail.com
Tue Mar 22 07:47:59 PDT 2011
In spice_channel_handle_migrate there's an explicit check for
data being NULL. However, we subsequently dereference it twice
even when it can be NULL. Add explicit checks to avoid that.
---
gtk/channel-base.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/gtk/channel-base.c b/gtk/channel-base.c
index 0fcd058..abbafbb 100644
--- a/gtk/channel-base.c
+++ b/gtk/channel-base.c
@@ -135,14 +135,16 @@ void spice_channel_handle_migrate(SpiceChannel *channel, spice_msg_in *in)
}
if (mig->flags & SPICE_MIGRATE_NEED_DATA_TRANSFER) {
spice_channel_recv_msg(channel, get_msg_handler, &data);
- if (!data || data->header.type != SPICE_MSG_MIGRATE_DATA) {
+ if (!data) {
+ g_warning("expected SPICE_MSG_MIGRATE_DATA, got empty message");
+ } else if (data->header.type != SPICE_MSG_MIGRATE_DATA) {
g_warning("expected SPICE_MSG_MIGRATE_DATA, got %d", data->header.type);
}
}
spice_session_channel_migrate(c->session, channel);
- if (mig->flags & SPICE_MIGRATE_NEED_DATA_TRANSFER) {
+ if ((mig->flags & SPICE_MIGRATE_NEED_DATA_TRANSFER) && (data != NULL)) {
out = spice_msg_out_new(SPICE_CHANNEL(channel), SPICE_MSGC_MIGRATE_DATA);
spice_marshaller_add(out->marshaller, data->data, data->header.size);
spice_msg_out_send_internal(out);
--
1.7.4
More information about the Spice-devel
mailing list