diff options
author | Sean McBride <sean@rogue-research.com> | 2018-01-04 22:17:24 -0500 |
---|---|---|
committer | Chris Dickens <christopher.a.dickens@gmail.com> | 2018-01-08 22:11:40 -0800 |
commit | fef88bf2b91ee4d7cfcc9d3b799a2996ecfe0d2c (patch) | |
tree | ba6fd03b2b6f0636a6ddfe26c4825501c71967bd | |
parent | 4f9d58564ed8ee81afc3884fa35a57b16e9bacca (diff) | |
download | libusb-fef88bf2b91ee4d7cfcc9d3b799a2996ecfe0d2c.tar.gz |
darwin: Improve error checking to prevent (very unlikely) null dereference
Defend against the very unlikely possibility of CFNumberCreate() returning null.
Signed-off-by: Chris Dickens <christopher.a.dickens@gmail.com>
-rw-r--r-- | libusb/os/darwin_usb.c | 19 | ||||
-rw-r--r-- | libusb/version_nano.h | 2 |
2 files changed, 11 insertions, 10 deletions
diff --git a/libusb/os/darwin_usb.c b/libusb/os/darwin_usb.c index 6279a4f..35ea1c3 100644 --- a/libusb/os/darwin_usb.c +++ b/libusb/os/darwin_usb.c @@ -233,20 +233,21 @@ static int usb_setup_device_iterator (io_iterator_t *deviceIterator, UInt32 loca &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); - if (propertyMatchDict) { - /* there are no unsigned CFNumber types so treat the value as signed. the os seems to do this - internally (CFNumberType of locationID is 3) */ - CFTypeRef locationCF = CFNumberCreate (NULL, kCFNumberSInt32Type, &location); + /* there are no unsigned CFNumber types so treat the value as signed. the OS seems to do this + internally (CFNumberType of locationID is kCFNumberSInt32Type) */ + CFTypeRef locationCF = CFNumberCreate (NULL, kCFNumberSInt32Type, &location); + if (propertyMatchDict && locationCF) { CFDictionarySetValue (propertyMatchDict, CFSTR(kUSBDevicePropertyLocationID), locationCF); - /* release our reference to the CFNumber (CFDictionarySetValue retains it) */ - CFRelease (locationCF); - CFDictionarySetValue (matchingDict, CFSTR(kIOPropertyMatchKey), propertyMatchDict); - /* release out reference to the CFMutableDictionaryRef (CFDictionarySetValue retains it) */ - CFRelease (propertyMatchDict); } /* else we can still proceed as long as the caller accounts for the possibility of other devices in the iterator */ + + /* release our references as per the Create Rule */ + if (propertyMatchDict) + CFRelease (propertyMatchDict); + if (locationCF) + CFRelease (locationCF); } return IOServiceGetMatchingServices(kIOMasterPortDefault, matchingDict, deviceIterator); diff --git a/libusb/version_nano.h b/libusb/version_nano.h index f263a06..7e638ba 100644 --- a/libusb/version_nano.h +++ b/libusb/version_nano.h @@ -1 +1 @@ -#define LIBUSB_NANO 11292 +#define LIBUSB_NANO 11293 |