Re: [PATCH] android/tester: Fix possible NULL pointer passing to function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Andrei,

On 9 October 2014 12:16, Andrei Emeltchenko
<Andrei.Emeltchenko.news@xxxxxxxxx> wrote:
> From: Andrei Emeltchenko <andrei.emeltchenko@xxxxxxxxx>
>
> Silence code analyzers and follow strict C standard where passing NULL
> pointer results in undefined behaviour.
> ---
>  android/tester-main.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/android/tester-main.c b/android/tester-main.c
> index 30e1c59..ee3444f 100644
> --- a/android/tester-main.c
> +++ b/android/tester-main.c
> @@ -801,12 +801,12 @@ static bool match_data(struct step *step)
>                         return false;
>                 }
>
> -       if (exp->store_srvc_handle)
> +       if (exp->store_srvc_handle && step->callback_result.srvc_handle)
>                 memcpy(exp->store_srvc_handle,
>                                         step->callback_result.srvc_handle,
>                                         sizeof(*exp->store_srvc_handle));
>
> -       if (exp->store_char_handle)
> +       if (exp->store_char_handle && step->callback_result.char_handle)
>                 memcpy(exp->store_char_handle,
>                                         step->callback_result.char_handle,
>                                         sizeof(*exp->store_char_handle));
> --
> 1.9.1
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html


I think it can cause test cause bad behavior by not setting variable
if test step is obliged to do it.
Test cases are defined in this way that one step e.g. 'A' stores
service handle and step 'B' uses this handle.
If value is not set it cause wrong test case behavior in next steps.
This check of exp (if store of srvc handle is mandatory for this step)
and step srvc handle (received in callback) only mask problem
 with storing attribute handle value - in result it shows only that
memory was not duplicated well while copying data from incoming
callback handler.
Summarizing - we consciously force writing this srvc, char handle
value, if something is wrong - that means something with test
case is wrong and it should be fixed.

Best way to handle it - static analyzer and this logic safe is to do
it in this way:
  "if (exp->store_srvc_handle) {
              if (!step->callback_result.srvc_handle) {
                         tester_debug("wrong srvc handle received in callback");
                         return false;
              } else {
                         memcpy(exp->store_char_handle,
step->callback_result.char_handle,

           sizeof(*exp->store_char_handle));
              }
   }

Best Regards,
Grzegorz
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux