requester: Add null check in pldm_instance_id_free
pldm_instance_id_free() function does not check for a valid
ctx object before dereferencing it. Hence it could cause
crash when its clients pass a null pointer by accident.
Change-Id: I4f06127eef16d2ab147e4c5a73a47850d7f5e546
Signed-off-by: Manojkiran Eda <manojkiran.eda@gmail.com>
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 95a70fb..d26c123 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -69,6 +69,7 @@
- meson: sizes.h: add includedir to install path
- pdr: Create entity association PDRs with unique record handle
- requester: add null check for instance db object in pldm_instance_id_alloc()
+- requester: add null check for instance db object in pldm_instance_id_free()
### Security
diff --git a/src/requester/instance-id.c b/src/requester/instance-id.c
index 10dc276..112a77a 100644
--- a/src/requester/instance-id.c
+++ b/src/requester/instance-id.c
@@ -219,6 +219,11 @@
struct flock flop;
int rc;
+ /* check if provided context is null */
+ if (!ctx) {
+ return -EINVAL;
+ }
+
/* Trying to free an instance ID that is not currently allocated */
if (!(ctx->state[tid].allocations & BIT(iid))) {
return -EINVAL;
diff --git a/tests/instance-id.cpp b/tests/instance-id.cpp
index ed94c59..99025f7 100644
--- a/tests/instance-id.cpp
+++ b/tests/instance-id.cpp
@@ -94,6 +94,15 @@
EXPECT_EQ(pldm_instance_id_alloc(db, tid, &iid), -EINVAL);
}
+TEST_F(PldmInstanceDbTest, freeOnNulldb)
+{
+ struct pldm_instance_db* db = nullptr;
+ const pldm_tid_t tid = 1;
+ pldm_instance_id_t iid = 1;
+
+ EXPECT_EQ(pldm_instance_id_free(db, tid, iid), -EINVAL);
+}
+
TEST_F(PldmInstanceDbTest, allocFreeOne)
{
struct pldm_instance_db* db = nullptr;