From: Andrei Emeltchenko <[email protected]>
When error is not set err->message may be accessed from the other code
resulting in NULL dereference.
---
android/mcap-lib.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/android/mcap-lib.c b/android/mcap-lib.c
index b04eaac..e0e1258 100644
--- a/android/mcap-lib.c
+++ b/android/mcap-lib.c
@@ -1932,6 +1932,8 @@ gboolean mcap_create_mcl(struct mcap_instance *mi,
}
mcap_mcl_unref(con->mcl);
g_free(con);
+ g_set_error(err, MCAP_ERROR, MCAP_ERROR_FAILED,
+ "MCP connect failed");
return FALSE;
}
--
1.8.3.2
Hi Andrei,
On Tuesday 17 June 2014 16:53:01 Andrei Emeltchenko wrote:
> From: Andrei Emeltchenko <[email protected]>
>
> When error is not set err->message may be accessed from the other code
> resulting in NULL dereference.
> ---
> android/mcap-lib.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/android/mcap-lib.c b/android/mcap-lib.c
> index b04eaac..e0e1258 100644
> --- a/android/mcap-lib.c
> +++ b/android/mcap-lib.c
> @@ -1932,6 +1932,8 @@ gboolean mcap_create_mcl(struct mcap_instance *mi,
> }
> mcap_mcl_unref(con->mcl);
> g_free(con);
> + g_set_error(err, MCAP_ERROR, MCAP_ERROR_FAILED,
> + "MCP connect failed");
> return FALSE;
> }
Wouldn't error be already set by bt_io_connect() in that case?
--
Szymon K. Janc
[email protected]