sim: Fix potential use of uninitialized variable
authorDenis Kenzior <denkenz@gmail.com>
Mon, 9 May 2011 04:27:17 +0000 (23:27 -0500)
committerDenis Kenzior <denkenz@gmail.com>
Mon, 9 May 2011 04:27:17 +0000 (23:27 -0500)
In certain circumstances, when the image has been cached but EFimg has
not been read yet, we might end up accessing an uninitialized variable.
Fix this by always failing if EFimg has not been read yet.

src/sim.c

index af7a715..eb2c16c 100644 (file)
--- a/src/sim.c
+++ b/src/sim.c
@@ -945,18 +945,15 @@ static void sim_get_image(struct ofono_sim *sim, unsigned char id,
        unsigned short iidf_offset;
        unsigned short iidf_len;
 
-       image = sim_fs_get_cached_image(sim->simfs, id);
-
-       if (image != NULL) {
-               sim_get_image_cb(sim, id, image, FALSE);
-               goto watch;
-       }
-
-       if (sim->efimg_length <= (id * 9)) {
+       if (sim->efimg_length <= id * 9) {
                sim_get_image_cb(sim, id, NULL, FALSE);
                return;
        }
 
+       image = sim_fs_get_cached_image(sim->simfs, id);
+       if (image != NULL)
+               sim_get_image_cb(sim, id, image, FALSE);
+
        efimg = &sim->efimg[id * 9];
 
        iidf_id = efimg[3] << 8 | efimg[4];
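Review bot: The guard `if (sim->efimg_length <= id * 9)` only establishes that byte `id * 9` exists, yet the lines below read `efimg[3]` through `efimg[8]` of that record; unless `efimg_length` is always a whole multiple of 9, the last record can be read past the end of `sim->efimg`. Checking the full 9-byte record, `if (sim->efimg_length < (id + 1) * 9)`, makes the bound independent of how the buffer was sized and costs nothing. The move of the cache lookup below this guard does fix the uninitialized-read the commit describes, since `image` is now assigned on every path that reaches the later `if (image == NULL)`. sim_get_image's signature and the allocation of `efimg` are outside the hunk, so whether the length is guaranteed to be a multiple of 9 cannot be confirmed from here.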
@@ -964,12 +961,9 @@ static void sim_get_image(struct ofono_sim *sim, unsigned char id,
        iidf_len = efimg[7] << 8 | efimg[8];
 
        /* read the image data */
-       ofono_sim_read_bytes(sim->context, iidf_id, iidf_offset, iidf_len,
-                               sim_iidf_read_cb, sim);
-
-watch:
-       if (sim->efimg_length <= id * 9)
-               return;
+       if (image == NULL)
+               ofono_sim_read_bytes(sim->context, iidf_id, iidf_offset,
+                                       iidf_len, sim_iidf_read_cb, sim);
 
        if (sim->iidf_watch_ids[id] > 0)
                return;
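Review bot: The comment `/* read the image data */` now sits above a conditional read but does not say why a cached image skips it, which is the whole reason this block was restructured. Suggest replacing it with `/* Read the image data unless the cached copy already satisfied the request; fall through either way so the IIDF watch below is still installed. */`. The watch registration itself follows `if (sim->iidf_watch_ids[id] > 0) return;` and lies past the hunk, so that part of the wording is inferred from the early-return check and the original `watch:` label.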