projects / platform / core / system / kdbus-bus.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fbc4743)
kdbus: Check for bloom parameter in "make bus" command
authorIngo van Lil <inguin@gmx.de>
Sat, 29 Mar 2014 16:54:58 +0000 (17:54 +0100)
committerKay Sievers <kay@vrfy.org>
Sat, 29 Mar 2014 20:21:15 +0000 (21:21 +0100)
When handling a KDBUS_CMD_BUS_MAKE command the kernel must make sure
that the message contains a bloom parameter item to avoid a null-
pointer dereference.

Signed-off-by: Ingo van Lil <inguin@gmx.de>
bus.c patch | blob | history

diff --git a/bus.c b/bus.c
index 8c4efdaec2fc1f58362c918f275968fa8e3a802f..9fea64369db5019d816bbabaf988e0425915d159 100644 (file)
--- a/bus.c
+++ b/bus.c
@@ -359,7 +359,7 @@ int kdbus_bus_make_user(const struct kdbus_cmd_make *make,
        if (!KDBUS_ITEMS_END(item, make->items, KDBUS_ITEMS_SIZE(make, items)))
                return -EINVAL;
 
-       if (!n)
+       if (!n || !bl)
                return -EBADMSG;
 
        if (bl->size < 8 || bl->size > KDBUS_BUS_BLOOM_MAX_SIZE)
Domain: System / Uncategorized;