mirror of
https://gitee.com/openharmony/third_party_libnl
synced 2024-11-24 02:29:50 +00:00
77ae25aad1
The follow leaves a dangling pointer when the name argument is too long:
xfrmnl_sa_set_aead_params:
if (sa->aead)
free (sa->aead);
if ( strlen (alg_name) >= sizeof (sa->aead->alg_name)
|| (sa->aead = calloc (1, newlen)) == NULL)
return -1;
Fix that, but do more:
- ensure that we don't modify the object when the setter is going to
fail. That means, first check whether we can succeed with all the
steps that are requested, and (in case we cannot) fail without
modifing the target object.
- bonus points for making the setter self-assignment safe by reordering
the setting and freeing of the memory.
|
||
|---|---|---|
| .. | ||
| ae.c | ||
| lifetime.c | ||
| sa.c | ||
| selector.c | ||
| sp.c | ||
| template.c | ||