[Spice-devel] udscs: Fix a potential NULL pointer dereference
Francois Gouget
fgouget at codeweavers.com
Thu Dec 1 15:45:17 UTC 2016
On Thu, 1 Dec 2016, Christophe Fergeau wrote:
> On Thu, Dec 01, 2016 at 05:19:33AM +0100, Francois Gouget wrote:
> > udscs_server_fill_fds() should accept being passed a NULL pointer.
>
> I would reword the commit log a bit, like "udscs_server_fill_fds() is
> dereferencing the 'server' pointer, and then checks if it's NULL. This
> commit makes sure the NULL check happens first"
> I'll amend and push, thanks for the patch!
Works for me.
> Acked-by: Christophe Fergeau <cfergeau at redhat.com>
>
>
> >
> > Signed-off-by: Francois Gouget <fgouget at codeweavers.com>
> > ---
> > src/udscs.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/src/udscs.c b/src/udscs.c
> > index 414dce5..fdd75a4 100644
> > --- a/src/udscs.c
> > +++ b/src/udscs.c
> > @@ -495,11 +495,12 @@ int udscs_server_fill_fds(struct udscs_server *server, fd_set *readfds,
> > fd_set *writefds)
> > {
> > struct udscs_connection *conn;
> > - int nfds = server->fd + 1;
> > + int nfds;
> >
> > if (!server)
> > return -1;
> >
> > + nfds = server->fd + 1;
> > FD_SET(server->fd, readfds);
> >
> > conn = server->connections_head.next;
> > --
> > 2.10.2
> > _______________________________________________
> > Spice-devel mailing list
> > Spice-devel at lists.freedesktop.org
> > https://lists.freedesktop.org/mailman/listinfo/spice-devel
>
--
Francois Gouget <fgouget at codeweavers.com>
More information about the Spice-devel
mailing list