[Asterisk-code-review] res_geoloc: fix NULL pointer dereference bug (asterisk[20])

Joshua Colp asteriskteam at digium.com
Tue Dec 13 10:55:59 CST 2022


Joshua Colp has submitted this change. ( https://gerrit.asterisk.org/c/asterisk/+/19704 )

Change subject: res_geoloc: fix NULL pointer dereference bug
......................................................................

res_geoloc: fix NULL pointer dereference bug

The `ast_geoloc_datastore_add_eprofile` function does not return 0 on
success, it returns the size of the underlying datastore. This means
that the datastore will be freed and its pointer set to NULL when no
error occured at all.

ASTERISK-30346

Change-Id: Iea9b209bd1244cc57b903b9496cb680c356e4bb9
---
M res/res_geolocation/geoloc_datastore.c
1 file changed, 18 insertions(+), 2 deletions(-)

Approvals:
  Joshua Colp: Looks good to me, but someone else must approve; Approved for Submit
  George Joseph: Looks good to me, approved
  N A: Looks good to me, but someone else must approve




diff --git a/res/res_geolocation/geoloc_datastore.c b/res/res_geolocation/geoloc_datastore.c
index 040a9bd..4e7a85e 100644
--- a/res/res_geolocation/geoloc_datastore.c
+++ b/res/res_geolocation/geoloc_datastore.c
@@ -255,7 +255,7 @@
 	}
 
 	rc = ast_geoloc_datastore_add_eprofile(ds, eprofile);
-	if (rc != 0) {
+	if (rc <= 0) {
 		ast_datastore_free(ds);
 		ds = NULL;
 	}
@@ -297,7 +297,7 @@
 
 	rc = ast_geoloc_datastore_add_eprofile(ds, eprofile);
 	ao2_ref(eprofile, -1);
-	if (rc != 0) {
+	if (rc <= 0) {
 		ast_datastore_free(ds);
 		ds = NULL;
 	}

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/19704
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 20
Gerrit-Change-Id: Iea9b209bd1244cc57b903b9496cb680c356e4bb9
Gerrit-Change-Number: 19704
Gerrit-PatchSet: 2
Gerrit-Owner: Alexandre Fournier <afournier at wazo.io>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Reviewer: N A <asterisk at phreaknet.org>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20221213/2cc355cf/attachment.html>


More information about the asterisk-code-review mailing list