From d9f484bc6f074842bc4ac3eab0127fe3aaa10909 Mon Sep 17 00:00:00 2001 From: =?utf8?q?J=C3=A9r=C3=A9mie=20Galarneau?= Date: Wed, 29 Aug 2018 17:06:48 -0400 Subject: [PATCH] Fix: possible null dereference on communication error MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit lttng_ctl_ask_sessiond_fds_varlen() can return a positive error code and NULL buffers if the sessiond uses a command return code that is already negative. Signed-off-by: Jérémie Galarneau --- src/lib/lttng-ctl/lttng-ctl.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/lib/lttng-ctl/lttng-ctl.c b/src/lib/lttng-ctl/lttng-ctl.c index eff08df80..f503fd1cb 100644 --- a/src/lib/lttng-ctl/lttng-ctl.c +++ b/src/lib/lttng-ctl/lttng-ctl.c @@ -1959,6 +1959,11 @@ int lttng_list_events(struct lttng_handle *handle, goto end; } + if (!cmd_header) { + ret = -LTTNG_ERR_UNK; + goto end; + } + /* Set number of events and free command header */ nb_events = cmd_header->nb_events; if (nb_events > INT_MAX) { -- 2.34.1