projects / lttng-tools.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 74675e3)
Fix: sessiond: NULL pointer dereference after NULL check
authorJérémie Galarneau <jeremie.galarneau@efficios.com>
Fri, 27 Mar 2020 15:27:13 +0000 (11:27 -0400)
committerJérémie Galarneau <jeremie.galarneau@efficios.com>
Fri, 27 Mar 2020 15:30:44 +0000 (11:30 -0400)
The process attribute value deserialization allows the buffer view to
be NULL when the value's type is not USER_NAME nor GROUP_NAME. This is
not checked when ensuring that no string is passed (len == 0) in the
case of integral values.

A NULL check is added to the condition.

Reported-by: Coverity Scan
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Change-Id: I343f747c325f739196284dadd3c407cfb4084268

src/common/tracker.c patch | blob | blame | history

diff --git a/src/common/tracker.c b/src/common/tracker.c
index 0f69c775b75f6d1c08e213fa547bcbbf5feb7daa..e4aae431d19a4896c818267c4ab781c0b85bac08 100644 (file)
--- a/src/common/tracker.c
+++ b/src/common/tracker.c
@@ -106,7 +106,8 @@ enum lttng_error_code process_attr_value_from_comm(
        if (is_value_type_name(value_type) && value_view->size == 0) {
                ret = LTTNG_ERR_INVALID_PROTOCOL;
                goto error;
-       } else if (!is_value_type_name(value_type) && value_view->size != 0) {
+       } else if (!is_value_type_name(value_type) && value_view &&
+                       value_view->size != 0) {
                ret = LTTNG_ERR_INVALID_PROTOCOL;
                goto error;
        }
LTTng 2.0 tools and control repository
This page took 0.025294 seconds and 4 git commands to generate.