From a2a2108fce9a5cebaee17f29bda8d9edf6a0fbc8 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Mon, 29 May 2017 17:15:19 +0200
Subject: rpc: Avoid calling memcmp() on NULL buffer

Spotted by clang-analyzer.
---
 p11-kit/rpc-message.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'p11-kit')

diff --git a/p11-kit/rpc-message.c b/p11-kit/rpc-message.c
index 32f5a45..803063f 100644
--- a/p11-kit/rpc-message.c
+++ b/p11-kit/rpc-message.c
@@ -191,7 +191,9 @@ p11_rpc_message_parse (p11_rpc_message *msg,
 	msg->sigverify = msg->signature;
 
 	/* Verify the incoming signature */
-	if (!p11_rpc_buffer_get_byte_array (msg->input, &msg->parsed, &val, &len)) {
+	if (!p11_rpc_buffer_get_byte_array (msg->input, &msg->parsed, &val, &len) ||
+	    /* This can happen if the length header == 0xffffffff */
+	    val == NULL) {
 		p11_message ("invalid message: couldn't read signature");
 		return false;
 	}
-- 
cgit v1.1