monitor: Add error handling codes 07/302807/3
author Sung-hun Kim <sfoon.kim@samsung.com>
Thu, 14 Dec 2023 01:49:34 +0000 (10:49 +0900)
committer Sung-hun Kim <sfoon.kim@samsung.com>
Thu, 14 Dec 2023 02:58:58 +0000 (11:58 +0900)
Since the request-handler code does not handle error cases,
the pass daemon was killed with a segmentation fault.

See the below gdb output:

 Program terminated with signal SIGSEGV, Segmentation fault.
 #0  handle_request (client=client@entry=0x7f680008d0, request=request@entry=0x7f72ffc270 "17") at /usr/src/debug/pass-2.0.0-1.aarch64/src/monitor/request-handler.c:877
 877 /usr/src/debug/pass-2.0.0-1.aarch64/src/monitor/request-handler.c: No such file or directory.
 [Current thread is 1 (LWP 5465)]
 >>> bt
 #0  handle_request (client=client@entry=0x7f680008d0, request=request@entry=0x7f72ffc270 "17") at /usr/src/debug/pass-2.0.0-1.aarch64/src/monitor/request-handler.c:877
 #1  0x000000558df6eda0 in request_handler_func (data=0x7f680008d0, result=<optimized out>) at /usr/src/debug/pass-2.0.0-1.aarch64/src/monitor/request-handler.c:1012
 #2  0x000000558df5bb28 in __thread_loop_main (_ctx=0x7f68001170) at /usr/src/debug/pass-2.0.0-1.aarch64/src/util/thread.c:45
 #3  0x0000007f833b882c in ?? () from /lib64/libpthread.so.0
 #4  0x0000007f83319eac in thread_start () at ../sysdeps/unix/sysv/linux/aarch64/clone.S:78

I added error handling code with a NULL check for the variable
`array`.

Change-Id: I93bc4a23903c2c7d7fc9315d238d2c5addddc445
Signed-off-by: Sung-hun Kim <sfoon.kim@samsung.com>
src/monitor/request-handler.c

index b05202c..182ac95 100644 (file)
@@ -869,11 +869,21 @@ static int handle_request(struct request_client *client, char *request)
                break;
        case REQUEST_GET_VALUE_ARRAY:
                {
-                       struct syscommon_resman_array_value *array;
+                       struct syscommon_resman_array_value *array = NULL;
                        int i;
 
                        ret = handle_request_get_value_array(client, args, &array);
 
+                       if (ret)
+                               break;
+
+                       if (!array) {
+                               /* A weird case, return value is zero but the array is NULL.
+                                * Since it can make a segfault, just break out */
+                               _E("array is NULL");
+                               break;
+                       }
+
                        if (array->length == 0) {
                                ADD_RESPONSE(response, buffer_len, "%d|%d|$",
                                                array->type, array->length);
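
Review bot: In the new `if (!array)` branch, `ret` is still 0 when the code breaks out of the switch, because the preceding `if (ret) break;` has already passed. Whatever runs after the switch therefore cannot tell this case apart from a successful REQUEST_GET_VALUE_ARRAY, even though nothing was added to the response. Consider assigning a negative error code to `ret` before the `break` (for example `-EINVAL`, if that matches the convention used elsewhere in this file) so the failure is reported to the client. The `_E("array is NULL")` message would also be easier to trace if it named the request type. The block comment closes on the same line as its text; putting `*/` on its own line is the more common multi-line style. Finally, the commit message mentions only the NULL check, while the hunk also adds the `if (ret)` early exit and the `= NULL` initialisation, which together are what keep `array->length` from being read through an unset pointer on the error path. That is worth stating in the message.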