From c9ce9e7eb4fc227ee46c6982722330aa301d317c Mon Sep 17 00:00:00 2001 From: Jaehyun Kim Date: Thu, 2 Sep 2021 10:26:57 +0900 Subject: [PATCH] Fix NULL pointer dereference Thread 1 (LWP 13957): >0 count_assoc_reject (key=0x0, value=0x0, user_data=0xbe0a3928) at src/service.c:843 --> connman (rpm) >1 0xb6654674 in g_hash_table_foreach (hash_table=0x533200, func=0x4700ad , user_data=user_data@entry=0xbe0a3928) at ../glib/ghash.c:2056 --> libglib (rpm) >2 0x0047bf9a in update_assoc_reject (service=0x4fb2a0, service=0x4fb2a0) at src/service.c:857 --> connman (rpm) >3 __connman_service_update_from_network (network=network@entry=0x50d6a0) at src/service.c:11004 --> connman (rpm) >4 0x0046a9f4 in connman_network_set_group (network=network@entry=0x50d6a0, group=group@entry=0x560ff8 "") at src/network.c:1587 --> connman (rpm) >5 0x0044f12c in network_added (supplicant_network=0x51d430) at plugins/wifi.c:5031 --> connman (rpm) >6 0x004516ba in callback_network_added (network=) at gsupplicant/supplicant.c:828 --> connman (rpm) >7 scan_network_update (iter=, user_data=0x4f0380) at gsupplicant/supplicant.c:3790 --> connman (rpm) Change-Id: I2f6e86c492dbc621b1c9f48506e8a89326568664 Signed-off-by: Jaehyun Kim --- src/service.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/service.c b/src/service.c index 2b69a0b..a409162 100755 --- a/src/service.c +++ b/src/service.c @@ -813,7 +813,8 @@ static void count_assoc_reject(gpointer key, gpointer value, gpointer user_data) struct assoc_reject_data *assoc_data = value; int *assoc_reject_count = user_data; - *assoc_reject_count += g_slist_length(assoc_data->reject_time_list); + if (assoc_data) + *assoc_reject_count += g_slist_length(assoc_data->reject_time_list); } static bool update_assoc_reject(struct connman_service *service) -- 2.7.4