Add NULL check on malloc return to fix NULL pointer dereference
in case malloc fails.
---
android/hal-bluetooth.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/android/hal-bluetooth.c b/android/hal-bluetooth.c
index e24f7d2..66f4a37 100644
--- a/android/hal-bluetooth.c
+++ b/android/hal-bluetooth.c
@@ -19,6 +19,7 @@
#include <stdlib.h>
#include <stdbool.h>
#include <string.h>
+#include <errno.h>
#include <cutils/properties.h>
@@ -1103,6 +1104,11 @@ static int open_bluetooth(const struct hw_module_t *module, char const *name,
DBG("");
+ if (!dev) {
+ error("Failed to allocate memory for device");
+ return -ENOMEM;
+ }
+
memset(dev, 0, sizeof(bluetooth_device_t));
dev->common.tag = HARDWARE_DEVICE_TAG;
dev->common.version = 0;
--
2.1.4
Hi Atul,
On Monday 29 of June 2015 12:14:13 Atul Rai wrote:
> Add NULL check on malloc return to fix NULL pointer dereference
> in case malloc fails.
> ---
> android/hal-bluetooth.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/android/hal-bluetooth.c b/android/hal-bluetooth.c
> index e24f7d2..66f4a37 100644
> --- a/android/hal-bluetooth.c
> +++ b/android/hal-bluetooth.c
> @@ -19,6 +19,7 @@
> #include <stdlib.h>
> #include <stdbool.h>
> #include <string.h>
> +#include <errno.h>
>
> #include <cutils/properties.h>
>
> @@ -1103,6 +1104,11 @@ static int open_bluetooth(const struct hw_module_t
> *module, char const *name,
>
> DBG("");
>
> + if (!dev) {
> + error("Failed to allocate memory for device");
> + return -ENOMEM;
> + }
> +
> memset(dev, 0, sizeof(bluetooth_device_t));
> dev->common.tag = HARDWARE_DEVICE_TAG;
> dev->common.version = 0;
Patch applied, thanks.
--
BR
Szymon Janc
Hi,
Atul Rai <[email protected]> writes:
> ping
>
I didn't get the original email.
>> ------- Original Message -------
>> Sender : Atul Kumar Rai<[email protected]> Lead Engineer (1)/SRI-Delhi-SWC Group/Samsung Electronics
>> Date : Jun 29, 2015 12:14 (GMT+05:30)
>> Title : [PATCH] android/hal-bluetooth: Fix NULL ptr dereference
>>
>> Add NULL check on malloc return to fix NULL pointer dereference
>> in case malloc fails.
>> ---
>> android/hal-bluetooth.c | 6 ++++++
>> 1 file changed, 6 insertions(+)
>>
>> diff --git a/android/hal-bluetooth.c b/android/hal-bluetooth.c
>> index e24f7d2..66f4a37 100644
>> --- a/android/hal-bluetooth.c
>> +++ b/android/hal-bluetooth.c
>> @@ -19,6 +19,7 @@
>> #include <stdlib.h>
>> #include <stdbool.h>
>> #include <string.h>
>> +#include <errno.h>
>>
>> #include <cutils/properties.h>
>>
>> @@ -1103,6 +1104,11 @@ static int open_bluetooth(const struct hw_module_t *module, char const *name,
>>
>> DBG("");
>>
>> + if (!dev) {
>> + error("Failed to allocate memory for device");
>> + return -ENOMEM;
>> + }
>> +
Looks OK. Just wondering why it is not using calloc() instead of
'malloc() + sizeof()'.
Cheers,
--
Vinicius