pdr: Always uphold expectations of get_next_record_handle()
pldm_pdr_get_next_record() uses assert() to validate its arguments.
While this is usually a concern, get_next_record_handle() is internal
and can instead be protected at the public API boundary.
Add tests for the validity of parameters to pldm_pdr_find_record() and
pldm_pdr_get_next_record(), the callers of get_next_record_handle().
Both functions return pointers, and already return NULL on error.
Correct invocation must therefore already validate the returned pointer,
thus it is valid to also return NULL in the case of invalid arguments.
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
Change-Id: I07596acc9da7427d785b8b9db11eb84219fb8a5d
diff --git a/src/pdr.c b/src/pdr.c
index 55350a8..657612d 100644
--- a/src/pdr.c
+++ b/src/pdr.c
@@ -154,10 +154,14 @@
assert(data != NULL);
assert(size != NULL);
assert(next_record_handle != NULL);
+ if (!repo || !data || !size || !next_record_handle) {
+ return NULL;
+ }
if (!record_handle && (repo->first != NULL)) {
record_handle = repo->first->record_handle;
}
+
pldm_pdr_record *record = repo->first;
while (record != NULL) {
if (record->record_handle == record_handle) {
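Review bot: The three assert() calls kept as context directly above the new `if (!repo || !data || !size || !next_record_handle)` check still run first, so in any build without NDEBUG a NULL data, size or next_record_handle aborts the process before the new `return NULL;` is reached. If the intent is for the public API to fail gracefully on bad arguments, drop those asserts or move the check ahead of them. The blank line added before `pldm_pdr_record *record = repo->first;` is an unrelated whitespace change and could be left out of this patch.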
@@ -186,6 +190,9 @@
assert(data != NULL);
assert(size != NULL);
assert(next_record_handle != NULL);
+ if (!repo || !curr_record || !data || !size || !next_record_handle) {
+ return NULL;
+ }
if (curr_record == repo->last) {
*data = NULL;
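Review bot: The early `return NULL;` for invalid arguments leaves *data, *size and *next_record_handle untouched even when those pointers are valid, whereas the `curr_record == repo->last` branch just below explicitly sets `*data = NULL;`. A caller that inspects the outputs rather than the return value would see stale values on this path, so either document that the outputs are unspecified when NULL is returned for bad arguments, or clear the non-NULL outputs before returning. As in the previous hunk, the retained assert() lines above the check still abort first in builds without NDEBUG, so the new path only takes effect when assertions are compiled out.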