[Spice-devel] [PATCH spice-server v2 3/7] smartcard: Do not crash if reader_id is invalid

Tue Oct 8 17:39:20 UTC 2019

Avoid client to trigger crash. The value of smartcard_readers_get
is checked for NULL so returning it it's not an issue.

Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
---
 server/smartcard.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/server/smartcard.c b/server/smartcard.c
index 3f51f5298..4c5bba07d 100644
--- a/server/smartcard.c
+++ b/server/smartcard.c
@@ -222,7 +222,9 @@ static int smartcard_char_device_add_to_readers(RedsState *reds, SpiceCharDevice
 
 SpiceCharDeviceInstance *smartcard_readers_get(uint32_t reader_id)
 {
-    spice_assert(reader_id < g_smartcard_readers.num);
+    if (reader_id >= g_smartcard_readers.num) {
+        return NULL;
+    }
     return g_smartcard_readers.sin[reader_id];
 }
 
-- 
2.21.0

