From 11dcc9bf0dba61c83269fb3cf234579d6f9ef192 Mon Sep 17 00:00:00 2001 From: Roman Smirnov Date: Tue, 9 Jul 2024 17:35:01 +0300 Subject: [PATCH] shared: prevent dereferencing of NULL pointers It is necessary to add checks for NULL before dereferencing pointers. Found with the SVACE static analysis tool. --- src/shared/micp.c | 4 ++++ src/shared/vcp.c | 12 ++++++++++++ 2 files changed, 16 insertions(+) diff --git a/src/shared/micp.c b/src/shared/micp.c index b82bd92de..1c34e9d00 100644 --- a/src/shared/micp.c +++ b/src/shared/micp.c @@ -398,6 +398,10 @@ static void mics_mute_write(struct gatt_db_attribute *attrib, } micp_op = iov_pull_mem(&iov, sizeof(*micp_op)); + if (!micp_op) { + DBG(micp, "iov_pull_mem() returned NULL"); + goto respond; + } if ((*micp_op == MICS_DISABLED) || (*micp_op != MICS_NOT_MUTED && *micp_op != MICS_MUTED)) { diff --git a/src/shared/vcp.c b/src/shared/vcp.c index 06264a241..602d46dc1 100644 --- a/src/shared/vcp.c +++ b/src/shared/vcp.c @@ -925,6 +925,10 @@ static void vcs_cp_write(struct gatt_db_attribute *attrib, } vcp_op = iov_pull_mem(&iov, sizeof(*vcp_op)); + if (!vcp_op) { + DBG(vcp, "iov_pull_mem() returned NULL"); + goto respond; + } for (handler = vcp_handlers; handler && handler->str; handler++) { if (handler->op != *vcp_op) @@ -985,6 +989,10 @@ static void vocs_cp_write(struct gatt_db_attribute *attrib, } vcp_op = iov_pull_mem(&iov, sizeof(*vcp_op)); + if (!vcp_op) { + DBG(vcp, "iov_pull_mem() returned NULL"); + goto respond; + } for (handler = vocp_handlers; handler && handler->str; handler++) { if (handler->op != *vcp_op) @@ -1517,6 +1525,10 @@ static void aics_ip_cp_write(struct gatt_db_attribute *attrib, } aics_op = iov_pull_mem(&iov, sizeof(*aics_op)); + if (!aics_op) { + DBG(vcp, "iov_pull_mem() returned NULL"); + goto respond; + } for (handler = aics_handlers; handler && handler->str; handler++) { if (handler->op != *aics_op) -- 2.47.3