diff options
| author | Andre Heinecke <[email protected]> | 2018-07-18 11:02:32 +0000 |
|---|---|---|
| committer | Andre Heinecke <[email protected]> | 2018-07-18 11:05:48 +0000 |
| commit | 82e4b900a96c837392259469a9a5821a95e7a707 (patch) | |
| tree | 534d1de3fa528f286b427c87fa9e0dd08c0c1c24 /src/gpgme-json.c | |
| parent | json: Fix memory errors in create_keylist_patterns (diff) | |
| download | gpgme-82e4b900a96c837392259469a9a5821a95e7a707.tar.gz gpgme-82e4b900a96c837392259469a9a5821a95e7a707.zip | |
json: Fix crash by ensuring response is never NULL
* src/gpgme-json.c (encode_and_chunk): Try to always
return at least an error.
(process_request): Double check that it does not return NULL.
--
If process_request returns NULL the following strlen on it
would crash.
Diffstat (limited to 'src/gpgme-json.c')
| -rw-r--r-- | src/gpgme-json.c | 50 |
1 files changed, 43 insertions, 7 deletions
diff --git a/src/gpgme-json.c b/src/gpgme-json.c index 87b40a2e..edd3d32e 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c @@ -1473,13 +1473,28 @@ encode_and_chunk (cjson_t request, cjson_t response) data = cJSON_PrintUnformatted (response); if (!data) - goto leave; + { + err = GPG_ERR_NO_DATA; + goto leave; + } + + if (!request) + { + err = GPG_ERR_INV_VALUE; + goto leave; + } if ((err = get_chunksize (request, &chunksize))) - goto leave; + { + err = GPG_ERR_INV_VALUE; + goto leave; + } if (!chunksize) - goto leave; + { + err = GPG_ERR_INV_VALUE; + goto leave; + } pending_data.buffer = data; /* Data should already be encoded so that it does not @@ -1500,14 +1515,22 @@ encode_and_chunk (cjson_t request, cjson_t response) leave: xfree (getmore_request); + if (!err && !data) + { + err = GPG_ERR_GENERAL; + } + if (err) { cjson_t err_obj = gpg_error_object (NULL, err, "Encode and chunk failed: %s", gpgme_strerror (err)); + xfree (data); if (opt_interactive) - return cJSON_Print (err_obj); - return cJSON_PrintUnformatted (err_obj); + data = cJSON_Print (err_obj); + data = cJSON_PrintUnformatted (err_obj); + + cJSON_Delete (err_obj); } return data; @@ -3187,13 +3210,26 @@ process_request (const char *request) else res = cJSON_PrintUnformatted (response); } - else if (json) + else res = encode_and_chunk (json, response); if (!res) - log_error ("Printing JSON data failed\n"); + { + log_error ("Printing JSON data failed\n"); + cjson_t err_obj = error_object (NULL, "Printing JSON data failed"); + if (opt_interactive) + res = cJSON_Print (err_obj); + res = cJSON_PrintUnformatted (err_obj); + cJSON_Delete (err_obj); + } cJSON_Delete (json); cJSON_Delete (response); + + if (!res) + { + /* Can't happen unless we created a broken error_object above */ + return strdup ("Bug: Fatal error in process request\n"); + } return res; } |