session: fixup access to uninitialized memory

The sr_packet_copy() routine could have written to an arbitrary memory
location. Make sure to allocate the space before writing to it, and
check for successful allocation before accessing the memory.

It's assumed that this error never took effect, as the routine appears
to be unused.

This was reported by clang's scan-build.
This commit is contained in:
Gerhard Sittig 2018-02-08 22:11:58 +01:00 提交者 Uwe Hermann
父節點 da6f107eff
當前提交 f129014ca4
共有 1 個檔案被更改,包括 5 行新增0 行删除

查看文件

@ -1484,8 +1484,13 @@ SR_PRIV int sr_packet_copy(const struct sr_datafeed_packet *packet,
case SR_DF_LOGIC:
logic = packet->payload;
logic_copy = g_malloc(sizeof(*logic_copy));
if (!logic_copy)
return SR_ERR;
logic_copy->length = logic->length;
logic_copy->unitsize = logic->unitsize;
logic_copy->data = g_malloc(logic->length * logic->unitsize);
if (!logic_copy->data)
return SR_ERR;
memcpy(logic_copy->data, logic->data, logic->length * logic->unitsize);
(*copy)->payload = logic_copy;
break;