[PATCH] event: Cheking for NULL before dereferencing the pointer.
Hardening
rdp.effort at gmail.com
Fri May 9 00:37:46 PDT 2014
Le 09/05/2014 08:43, Srivardhan Hebbar a écrit :
> Checking for NULL before dereferencing the wl_event_source
> pointer so as to avoid crash.
>
> Signed-off-by: Srivardhan Hebbar <sri.hebbar at samsung.com>
> ---
> src/event-loop.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/src/event-loop.c b/src/event-loop.c
> index 9790cde..b62d16e 100644
> --- a/src/event-loop.c
> +++ b/src/event-loop.c
> @@ -312,7 +312,12 @@ wl_event_source_check(struct wl_event_source *source)
> WL_EXPORT int
> wl_event_source_remove(struct wl_event_source *source)
> {
> - struct wl_event_loop *loop = source->loop;
> + struct wl_event_loop *loop;
> +
> + if (source == NULL)
> + return 0;
> +
> + loop = source->loop;
>
> /* We need to explicitly remove the fd, since closing the fd
> * isn't enough in case we've dup'ed the fd. */
>
Hello Srivardhan,
do you have a case where this check is hit ? I may be wrong but having
no loop associated with a source event is not supposed to happen. So my
guess is that a caller of wl_event_source_remove has forgotten to
nullify the event source after the call.
Regards.
--
David FORT
website: http://www.hardening-consulting.com/
More information about the wayland-devel
mailing list