projects / platform / core / connectivity / bluetooth-frwk.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6906a6b)
Fix NULL Returns in bt-api/bt-hid-device.c 44/42044/1
authorAtul Rai <a.rai@samsung.com>
Mon, 22 Jun 2015 11:06:23 +0000 (16:36 +0530)
committerAtul Rai <a.rai@samsung.com>
Mon, 22 Jun 2015 11:06:23 +0000 (16:36 +0530)
This patch added NULL return check after malloc to prevent
bt-service crash in case enough memory could not be allocated.

Change-Id: I352304f24c2180cdebdd5ac4393e3e4b0c4b28d5
Signed-off-by: Atul Rai <a.rai@samsung.com>
bt-api/bt-hid-device.c patch | blob | history

diff --git a/bt-api/bt-hid-device.c b/bt-api/bt-hid-device.c
index bd046ad..2631e12 100644 (file)
--- a/bt-api/bt-hid-device.c
+++ b/bt-api/bt-hid-device.c
@@ -245,14 +245,26 @@ static gboolean __received_cb(GIOChannel *chan, GIOCondition cond,
                                data.type = HTYPE_TRANS_HANDSHAKE;
                                data.buffer_size = len;
                                data.buffer = (char *) malloc(sizeof(char) * len);
-                               memcpy(data.buffer, buffer, len);
+                               /* Fix : NULL_RETURNS */
+                               if (NULL == data.buffer) {
+                                       BT_ERR("Failed to allocate memory");
+                                       data.buffer_size = 0;
+                               } else {
+                                       memcpy(data.buffer, buffer, len);
+                               }
                        break;
                        case HIDP_TRANS_HID_CONTROL:
                                BT_INFO("HID CONTROL");
                                data.type = HTYPE_TRANS_HID_CONTROL;
                                data.buffer_size = len;
                                data.buffer = (char *) malloc(sizeof(char) * len);
-                               memcpy(data.buffer, buffer, len);
+                               /* Fix : NULL_RETURNS */
+                               if (NULL == data.buffer) {
+                                       BT_ERR("Failed to allocate memory");
+                                       data.buffer_size = 0;
+                               } else {
+                                       memcpy(data.buffer, buffer, len);
+                               }
                        break;
                        case HIDP_TRANS_DATA:
                                BT_INFO("TRANS DATA");
@@ -262,14 +274,26 @@ static gboolean __received_cb(GIOChannel *chan, GIOCondition cond,
                                        data.param = PTYPE_DATA_RTYPE_INPUT;
                                        data.buffer_size = len;
                                        data.buffer = (char *) malloc(sizeof(char) * len);
-                                       memcpy(data.buffer, buffer, len);
+                                       /* Fix : NULL_RETURNS */
+                                       if (NULL == data.buffer) {
+                                               BT_ERR("Failed to allocate memory");
+                                               data.buffer_size = 0;
+                                       } else {
+                                               memcpy(data.buffer, buffer, len);
+                                       }
                                }
                                else {
                                        BT_INFO("Out Report");
                                        data.param = PTYPE_DATA_RTYPE_OUTPUT;
                                        data.buffer_size = len;
                                        data.buffer = (char *) malloc(sizeof(char) * len);
-                                       memcpy(data.buffer, buffer, len);
+                                       /* Fix : NULL_RETURNS */
+                                       if (NULL == data.buffer) {
+                                               BT_ERR("Failed to allocate memory");
+                                               data.buffer_size = 0;
+                                       } else {
+                                               memcpy(data.buffer, buffer, len);
+                                       }
                                }
                        break;
                        case HIDP_TRANS_GET_REPORT: {
@@ -284,7 +308,13 @@ static gboolean __received_cb(GIOChannel *chan, GIOCondition cond,
                                }
                                data.buffer_size = len;
                                data.buffer = (char *) malloc(sizeof(char) * len);
-                               memcpy(data.buffer, buffer, len);
+                               /* Fix : NULL_RETURNS */
+                               if (NULL == data.buffer) {
+                                       BT_ERR("Failed to allocate memory");
+                                       data.buffer_size = 0;
+                               } else {
+                                       memcpy(data.buffer, buffer, len);
+                               }
                                break;
                        }
                        case HIDP_TRANS_SET_REPORT: {
@@ -299,7 +329,13 @@ static gboolean __received_cb(GIOChannel *chan, GIOCondition cond,
                                }
                                data.buffer_size = len;
                                data.buffer = (char *) malloc(sizeof(char) * len);
-                               memcpy(data.buffer, buffer, len);
+                               /* Fix : NULL_RETURNS */
+                               if (NULL == data.buffer) {
+                                       BT_ERR("Failed to allocate memory");
+                                       data.buffer_size = 0;
+                               } else {
+                                       memcpy(data.buffer, buffer, len);
+                               }
                                break;
                        }
                        case HIDP_TRANS_GET_PROTOCOL:{
@@ -308,7 +344,13 @@ static gboolean __received_cb(GIOChannel *chan, GIOCondition cond,
                                data.param = PTYPE_DATA_RTYPE_INPUT;
                                data.buffer_size = len;
                                data.buffer = (char *) malloc(sizeof(char) * len);
-                               memcpy(data.buffer, buffer, len);
+                               /* Fix : NULL_RETURNS */
+                               if (NULL == data.buffer) {
+                                       BT_ERR("Failed to allocate memory");
+                                       data.buffer_size = 0;
+                               } else {
+                                       memcpy(data.buffer, buffer, len);
+                               }
                                break;
                        }
                        case HIDP_TRANS_SET_PROTOCOL:{
@@ -317,7 +359,13 @@ static gboolean __received_cb(GIOChannel *chan, GIOCondition cond,
                                data.param = PTYPE_DATA_RTYPE_INPUT;
                                data.buffer_size = len;
                                data.buffer = (char *) malloc(sizeof(char) * len);
-                               memcpy(data.buffer, buffer, len);
+                               /* Fix : NULL_RETURNS */
+                               if (NULL == data.buffer) {
+                                       BT_ERR("Failed to allocate memory");
+                                       data.buffer_size = 0;
+                               } else {
+                                       memcpy(data.buffer, buffer, len);
+                               }
                                break;
                        }
                        default: {
Domain: Network & Connectivity / Bluetooth;