From 856f9ada31fbc6e43ae0bb6ddf52333a81eb7f12 Mon Sep 17 00:00:00 2001
From: Szymon Janc <szymon.janc@tieto.com>
Date: Tue, 7 Aug 2012 14:22:25 +0200
Subject: [PATCH] nfctype1: Fix possible NULL pointer dereference in
 nfctype1_read

Check if memory allocation succeed before dereferencing pointer.
---
 plugins/nfctype1.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/plugins/nfctype1.c b/plugins/nfctype1.c
index 3ef8efe..4b78a35 100644
--- a/plugins/nfctype1.c
+++ b/plugins/nfctype1.c
@@ -420,6 +420,11 @@ static int nfctype1_read(uint32_t adapter_idx,
 		memset(t1_cmd.uid, 0, UID_LENGTH);
 
 		cookie = g_try_malloc0(sizeof(struct t1_cookie));
+		if (cookie == NULL) {
+			g_free(uid);
+			return -ENOMEM;
+		}
+
 		cookie->adapter_idx = adapter_idx;
 		cookie->target_idx = target_idx;
 		cookie->cb = cb;
@@ -435,6 +440,11 @@ static int nfctype1_read(uint32_t adapter_idx,
 	memcpy(t1_cmd.uid, uid, UID_LENGTH);
 
 	cookie = g_try_malloc0(sizeof(struct t1_cookie));
+	if (cookie == NULL) {
+		g_free(uid);
+		return -ENOMEM;
+	}
+
 	cookie->adapter_idx = adapter_idx;
 	cookie->target_idx = target_idx;
 	memcpy(cookie->uid, uid, UID_LENGTH);
-- 
2.7.4