File 10007-2948647-getObjectPath-may-dereference-NULL-pointer.patch of Package sblim-sfcb-sle11-sp1
From dbdf3dae95dfc60c03347f37e0f4eaa47a339e5e Mon Sep 17 00:00:00 2001
From: kkaempf <kkaempf@linux-lkbf.(none)>
Date: Mon, 8 Mar 2010 21:44:27 +0100
Subject: [PATCH 7/7] 2948647 getObjectPath may dereference NULL pointer
---
args.c | 3 +--
array.c | 3 +--
constClass.c | 3 +--
instance.c | 3 +--
internalProvider.c | 3 +--
objectpath.c | 14 ++++++--------
package/sblim-sfcb.changes | 3 +++
7 files changed, 14 insertions(+), 18 deletions(-)
diff --git a/args.c b/args.c
index 2c706b8..f8c9cc5 100644
--- a/args.c
+++ b/args.c
@@ -137,9 +137,8 @@ static CMPIData __aft_getArgAt(const CMPIArgs * args,
rv.type = CMPI_string;
}
else if (rv.type == CMPI_ref) {
- char *msg;
rv.value.ref = getObjectPath(
- (char*)ClObjectGetClString(&ca->hdr, (ClString *) & rv.value.chars), &msg);
+ (char*)ClObjectGetClString(&ca->hdr, (ClString *) & rv.value.chars), NULL);
}
else if (rv.type & CMPI_ARRAY && rv.value.array) {
rv.value.array =
diff --git a/array.c b/array.c
index be6c875..ff5f2e7 100644
--- a/array.c
+++ b/array.c
@@ -361,9 +361,8 @@ CMPIArray *internal_native_make_CMPIArray(CMPIData * av, CMPIStatus * rc,
arraySetElementNotTrackedAt((CMPIArray *) array, i, (CMPIValue *) chars, CMPI_chars);
} else if (av[i + 1].type == CMPI_ref) {
CMPIValue value;
- char *msg = "";
char *chars = (char *) ClObjectGetClString(hdr, (ClString *) & av[i + 1].value.chars);
- value.ref = getObjectPath(chars,&msg);
+ value.ref = getObjectPath(chars, NULL);
arraySetElementNotTrackedAt((CMPIArray *) array, i, &value, CMPI_ref);
} else if (av[i + 1].type == CMPI_instance) {
value.inst = (void *)ClObjectGetClObject(hdr, (ClString *) & av[i + 1].value.inst);
diff --git a/constClass.c b/constClass.c
index 0a1f616..effcb07 100644
--- a/constClass.c
+++ b/constClass.c
@@ -134,10 +134,9 @@ CMPIData getPropertyQualsAt(CMPIConstClass * cc, CMPICount i, CMPIString ** name
rv.type = CMPI_string;
}
else if (rv.type == CMPI_ref) {
- char *msg;
if ((rv.state & CMPI_nullValue)==0)
rv.value.ref = getObjectPath(
- (char*)ClObjectGetClString(&cls->hdr,(ClString *) & rv.value.chars), &msg);
+ (char*)ClObjectGetClString(&cls->hdr,(ClString *) & rv.value.chars), NULL);
}
if (rv.type & CMPI_ARRAY && rv.value.array) {
rv.value.array =
diff --git a/instance.c b/instance.c
index 1d58b95..8179831 100644
--- a/instance.c
+++ b/instance.c
@@ -184,9 +184,8 @@ CMPIData __ift_internal_getPropertyAt(const CMPIInstance * ci, CMPICount i,
rv.value.string =
sfcb_native_new_CMPIString(rv.value.string->hdl, NULL,0);
} else if (rv.type == CMPI_ref) {
- char *msg;
rv.value.ref = getObjectPath(
- (char*)ClObjectGetClString(&inst->hdr, (ClString*)&rv.value.chars), &msg);
+ (char*)ClObjectGetClString(&inst->hdr, (ClString*)&rv.value.chars), NULL);
}
else if (rv.type & CMPI_ARRAY && rv.value.array) {
rv.value.array =
diff --git a/internalProvider.c b/internalProvider.c
index 1bfb5ad..d6fa09e 100644
--- a/internalProvider.c
+++ b/internalProvider.c
@@ -210,7 +210,6 @@ CMPIStatus InternalProviderEnumInstanceNames(CMPIInstanceMI * mi,
int i,ac=0;
char copKey[8192]="";
char *kp;
- char *msg;
CMPIArgs *in,*out;
CMPIObjectPath *op;
CMPIArray *ar;
@@ -237,7 +236,7 @@ CMPIStatus InternalProviderEnumInstanceNames(CMPIInstanceMI * mi,
strcat(copKey,".");
strncat(copKey,kp,ekl);
- cop=getObjectPath(copKey,&msg);
+ cop = getObjectPath(copKey,NULL);
if (cop) CMReturnObjectPath(rslt, cop);
else {
CMPIStatus st = { CMPI_RC_ERR_FAILED, NULL };
diff --git a/objectpath.c b/objectpath.c
index ce23627..0d634e5 100644
--- a/objectpath.c
+++ b/objectpath.c
@@ -159,9 +159,8 @@ CMPIData opGetKeyCharsAt(const CMPIObjectPath * op,
rv.type = CMPI_string;
}
else if (rv.type == CMPI_ref) {
- char *msg="";
rv.value.ref = getObjectPath(
- (char*)ClObjectGetClString(&cop->hdr, (ClString *) & rv.value.chars), &msg);
+ (char*)ClObjectGetClString(&cop->hdr, (ClString *) & rv.value.chars), NULL);
}
else if (rv.type & CMPI_ARRAY && rv.value.array) { // should nor occcur
rv.value.array =
@@ -513,8 +512,7 @@ static void addKey(CMPIObjectPath * op, char *kd, int ref)
*val = 0;
val++;
if (ref) {
- char * msg;
- CMPIObjectPath *keyOp = getObjectPath(val,&msg);
+ CMPIObjectPath *keyOp = getObjectPath(val, NULL);
op->ft->addKey(op, kd, (CMPIValue*)&keyOp, CMPI_ref);
} else if (*val == '"') {
val++;
@@ -564,7 +562,7 @@ CMPIObjectPath *getObjectPath(char *path, char **msg)
if (nname) free(nname);
return op;
}
- *msg = "No className found";
+ if (msg) *msg = "No className found";
free(origu);
if (nname) free(nname);
return NULL;
@@ -597,19 +595,19 @@ CMPIObjectPath *getObjectPath(char *path, char **msg)
break;
if (*p == '"') {
if (*(p - 1) != '=') {
- *msg = "Incorrectly quoted string 1";
+ if (msg) *msg = "Incorrectly quoted string 1";
free(origu);
return NULL;
}
p++;
if ((p = strchr(p, '"')) == NULL) {
- *msg = "Unbalanced quoted string";
+ if (msg) *msg = "Unbalanced quoted string";
free(origu);
return NULL;
}
p++;
if (*p != ',' && *p != 0) {
- *msg = "Incorrectly quoted string 2";
+ if (msg) *msg = "Incorrectly quoted string 2";
free(origu);
return NULL;
}
--
1.6.4.2
