[Security vulnerability] Prevent null pointer dereference

author Seonah Moon <seonah1.moon@samsung.com>

Fri, 8 Mar 2019 07:04:39 +0000 (16:04 +0900)

committer Seonah Moon <seonah1.moon@samsung.com>

Mon, 11 Mar 2019 05:23:50 +0000 (14:23 +0900)
author Seonah Moon <seonah1.moon@samsung.com>
Fri, 8 Mar 2019 07:04:39 +0000 (16:04 +0900)
committer Seonah Moon <seonah1.moon@samsung.com>
Mon, 11 Mar 2019 05:23:50 +0000 (14:23 +0900)
diff --git a/provider-interface/download-provider-interface.c b/provider-interface/download-provider-interface.c

index e867b75..b3e0d4b 100755 (executable)
--- a/provider-interface/download-provider-interface.c
+++ b/provider-interface/download-provider-interface.c
@@ -885,6 +885,9 @@ int dp_interface_get_destination(const int id, char **path)
         }
  
         *path = strdup(g_interface_slots[index].downloaded_path);
+       if (*path == NULL)
+               return DOWNLOAD_ADAPTOR_ERROR_OUT_OF_MEMORY;
+
         return DOWNLOAD_ADAPTOR_ERROR_NONE;
  }
  
@@ -914,6 +917,8 @@ int dp_interface_get_downloaded_file_path(const int id, char **path)
                 /* Converted. Use converted path. */
                 TRACE_ERROR("Converted filename : %s -> %s", *path, compat_filename);
                 *path = strdup(compat_filename);
+               if (*path == NULL)
+                       ret = DOWNLOAD_ADAPTOR_ERROR_OUT_OF_MEMORY;
         }
         return ret;
  }
@@ -937,6 +942,10 @@ int dp_interface_get_temp_path(const int id, char **temp_path)
         } else {
                 *temp_path = strdup(g_interface_slots[index].saved_temp_path);
         }
+
+       if (*temp_path == NULL)
+               ret = DOWNLOAD_ADAPTOR_ERROR_OUT_OF_MEMORY;
+
         return ret;
  }
author	Seonah Moon <seonah1.moon@samsung.com>
	Fri, 8 Mar 2019 07:04:39 +0000 (16:04 +0900)
committer	Seonah Moon <seonah1.moon@samsung.com>
	Mon, 11 Mar 2019 05:23:50 +0000 (14:23 +0900)