diff options
author | Mike McTernan <mikemcternan@google.com> | 2024-03-06 20:53:34 +0000 |
---|---|---|
committer | Mike McTernan <mikemcternan@google.com> | 2024-03-06 21:50:38 +0000 |
commit | 91c61110b370de3cad269a6fed39b3c6c184500b (patch) | |
tree | 15f39231ce8a32f08aec819df43e0f35260e5e7b | |
parent | 894a2cb3f63ef18e5a28548806364d23e0d1f02e (diff) | |
download | storage-91c61110b370de3cad269a6fed39b3c6c184500b.tar.gz |
trusty:storage: add missing NULL check to prevent RAM dump
file_get_info() may return NULL on a failed transaction, so check for this to avoid a possible NULL pointer access.
Bug: 325770752
Test: build.py, run storage tests
Change-Id: Id59edb940a6fa98f45d5d557572644d7a1f923e0
-rw-r--r-- | client.c | 7 | ||||
-rw-r--r-- | file.c | 4 |
2 files changed, 10 insertions, 1 deletions
@@ -906,6 +906,11 @@ static bool storage_file_list_iter(struct file_iterate_state* iter, struct obj_ref ref = OBJ_REF_INITIAL_VALUE(ref); file_info = file_get_info(tr, block_mac, &ref); + if (!file_info) { + printf("can't read file entry at %" PRIu64 "\n", + block_mac_to_block(tr, block_mac)); + return true; + } if (strncmp(file_info->path, miter->prefix, miter->prefix_len) == 0) { storage_file_list_add(miter, @@ -1092,4 +1097,4 @@ enum storage_err storage_file_set_size(struct storage_client_session* session, } return STORAGE_NO_ERROR; -}
\ No newline at end of file +} @@ -955,6 +955,10 @@ enum file_op_result file_iterate(struct transaction* tr, } stop = state->file(state, tr, &block_mac, added, removed); + + if (tr->failed) { + return FILE_OP_ERR_FAILED; + } if (stop) { return FILE_OP_SUCCESS; } |