From: Adam Michalski <a.michalski2@partner.samsung.com>
Date: Tue, 24 Sep 2024 17:20:42 +0000 (+0200)
Subject: libisu: properly handle nulls in isu_pkg_get_name/isu_pkg_get_version
X-Git-Tag: accepted/tizen/unified/20241001.004102~4
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=da8ed37f51b87605da01ed1b16f73cdefbed3dd5;p=platform%2Fcore%2Fsystem%2Fisu.git

libisu: properly handle nulls in isu_pkg_get_name/isu_pkg_get_version

This commit fixes the incorrect dereferencing of pointers when
retrieving data from the name/version members of the pkg_info
structure in the isu_pkg_get_name/isu_pkg_get_version functions
of the libisu public API.

Although a situation where an instance of the pkg_info structure is
correctly allocated, but its name/version components are NULL, should
not occur during normal usage, public functions must be resilient to
such malformed arguments and respond with an appropriate error rather
than a segfault.

Change-Id: I641b003568a0db79eab79f192c2f612bb6900721
---

diff --git a/src/libisu/libisu.c b/src/libisu/libisu.c
index a2847da..0c2faa0 100644
--- a/src/libisu/libisu.c
+++ b/src/libisu/libisu.c
@@ -104,6 +104,10 @@ isu_result isu_pkg_get_name(isu_pkg_info pkg_info, char *name, size_t len)
 
     struct _isu_pkg_info* pkg_info_i = (struct _isu_pkg_info*)pkg_info;
 
+    if (pkg_info_i->name == NULL) {
+        return ISU_RES_ERR_INTERNAL;
+    }
+
     if (len < strlen(pkg_info_i->name)) {
         return ISU_RES_ERR_BUFF_TOO_SMALL;
     }
@@ -123,6 +127,10 @@ isu_result isu_pkg_get_version(isu_pkg_info pkg_info, char *version, size_t len)
 
     struct _isu_pkg_info* pkg_info_i = (struct _isu_pkg_info*)pkg_info;
 
+    if (pkg_info_i->version == NULL) {
+        return ISU_RES_ERR_INTERNAL;
+    }
+
     if (len < strlen(pkg_info_i->version)) {
         return ISU_RES_ERR_BUFF_TOO_SMALL;
     }