str could be null when dst isn't null
---
src/main.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/main.c b/src/main.c
index 2d24d07..3ad9048 100644
--- a/src/main.c
+++ b/src/main.c
@@ -266,7 +266,7 @@ static char *expand_name(char *dst, int size, char *str, int dev_id)
register int sp, np, olen;
char *opt, buf[10];
- if (!str && !dst)
+ if (!str || !dst)
return NULL;
sp = np = 0;
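Review bot: `size` is still unchecked after the strengthened NULL guard in expand_name: it is a signed `int`, and nothing visible in the hunk rejects zero or a negative value before the function starts filling `dst`. The body lies outside the hunk, so this is inferred, but if it bounds its writes with `size` then the guard should read `if (!str || !dst || size <= 0)`. A one-line comment above the check, e.g. `/* str and dst are both required; dst must hold size bytes */`, would record the contract for callers.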
--
1.6.0.6
Now len has the correct value: sizeof(sco_opt)
---
common/btio.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/common/btio.c b/common/btio.c
index 9ff407f..030feda 100644
--- a/common/btio.c
+++ b/common/btio.c
@@ -573,8 +573,8 @@ static gboolean sco_set(int sock, uint16_t mtu, GError **err)
if (!mtu)
return TRUE;
- memset(&sco_opt, 0, len);
len = sizeof(sco_opt);
+ memset(&sco_opt, 0, len);
if (getsockopt(sock, SOL_SCO, SCO_OPTIONS, &sco_opt, &len) < 0) {
ERROR_FAILED(err, "getsockopt(SCO_OPTIONS)", errno);
return FALSE;
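Review bot: The memset in sco_set still takes its length from `len`, so the zeroing stays correct only while the assignment sits directly above it. Before this change the same call ran over a stack object with an uninitialized length. Writing `memset(&sco_opt, 0, sizeof(sco_opt));` removes that ordering dependency and leaves `len` as purely the in/out argument for getsockopt. The declaration of `len` is outside the hunk; if it is not already `socklen_t`, it should be, since its address is passed to getsockopt.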
--
1.6.0.6
If either name or data->name is NULL we get a NULL dereference, not only
when both name and data->name are NULL.
---
gdbus/watch.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/gdbus/watch.c b/gdbus/watch.c
index 38bf3d7..607803c 100644
--- a/gdbus/watch.c
+++ b/gdbus/watch.c
@@ -62,7 +62,7 @@ static struct name_data *name_data_find(DBusConnection *connection,
current != NULL; current = current->next) {
struct name_data *data = current->data;
- if (name == NULL && data->name == NULL) {
+ if (name == NULL || data->name == NULL) {
if (connection == data->connection)
return data;
} else {
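Review bot: With `||`, the first branch in name_data_find now also runs when exactly one of `name` and `data->name` is NULL, and it then returns `data` on a connection match alone. An entry without a name therefore matches a lookup for any name on that connection, and the reverse. If that is not intended, compare the pointers in that branch, `if (connection == data->connection && name == data->name)`, which keeps the NULL dereference fix while matching only when both are NULL. The else branch is outside the hunk; this assumes it compares the two strings.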
--
1.6.0.6
Hi,
On Tue, Mar 31, 2009, Gustavo F. Padovan wrote:
> Now len has the correct value: sizeof(sco_opt)
> ---
> common/btio.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/common/btio.c b/common/btio.c
> index 9ff407f..030feda 100644
> --- a/common/btio.c
> +++ b/common/btio.c
> @@ -573,8 +573,8 @@ static gboolean sco_set(int sock, uint16_t mtu, GError **err)
> if (!mtu)
> return TRUE;
>
> - memset(&sco_opt, 0, len);
> len = sizeof(sco_opt);
> + memset(&sco_opt, 0, len);
> if (getsockopt(sock, SOL_SCO, SCO_OPTIONS, &sco_opt, &len) < 0) {
> ERROR_FAILED(err, "getsockopt(SCO_OPTIONS)", errno);
> return FALSE;
Nice catch! This one has also been pushed upstream. It's strange though that we
haven't noticed any uninitialized variable compiler warnings because of it
earlier.
Johan
Hi,
On Tue, Mar 31, 2009, Gustavo F. Padovan wrote:
> If name or data->name is null we have a null dereference. Not name and
> data->name.
> ---
> gdbus/watch.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/gdbus/watch.c b/gdbus/watch.c
> index 38bf3d7..607803c 100644
> --- a/gdbus/watch.c
> +++ b/gdbus/watch.c
> @@ -62,7 +62,7 @@ static struct name_data *name_data_find(DBusConnection *connection,
> current != NULL; current = current->next) {
> struct name_data *data = current->data;
>
> - if (name == NULL && data->name == NULL) {
> + if (name == NULL || data->name == NULL) {
> if (connection == data->connection)
> return data;
> } else {
Pushed upstream. Marcel, you'll probably want to merge the patch with the other
gdbus-using projects too.
Johan
Hi Gustavo,
On Tue, Mar 31, 2009, Gustavo F. Padovan wrote:
> str could be null when dst isn't null
> ---
> src/main.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/src/main.c b/src/main.c
> index 2d24d07..3ad9048 100644
> --- a/src/main.c
> +++ b/src/main.c
> @@ -266,7 +266,7 @@ static char *expand_name(char *dst, int size, char *str, int dev_id)
> register int sp, np, olen;
> char *opt, buf[10];
>
> - if (!str && !dst)
> + if (!str || !dst)
> return NULL;
>
> sp = np = 0;
The patch has been pushed upstream. Thanks.
Johan