From 72997944d5ee7f165fe04f1ac451d115e97d75e9 Mon Sep 17 00:00:00 2001 From: Joe Watkins Date: Sat, 10 Dec 2016 13:34:08 +0000 Subject: [PATCH] Check the result of the call to serialize json object before calling strdup --- u2f-server/core.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) Index: libu2f-server-1.0.1/u2f-server/core.c =================================================================== --- libu2f-server-1.0.1.orig/u2f-server/core.c +++ libu2f-server-1.0.1/u2f-server/core.c @@ -381,6 +381,7 @@ static int registration_challenge_json(c struct json_object *json_version = NULL; struct json_object *json_appid = NULL; struct json_object *json_output = NULL; + const char *json_string = NULL; rc = U2FS_JSON_ERROR; @@ -402,8 +403,11 @@ static int registration_challenge_json(c json_object_object_add(json_output, "version", json_version); json_object_object_add(json_output, "appId", json_appid); - *output = strdup(json_object_to_json_string(json_output)); - if (*output == NULL) + json_string = json_object_to_json_string(json_output); + + if (json_string == NULL) + rc = U2FS_JSON_ERROR; + else if ((*output = strdup(json_string)) == NULL) rc = U2FS_MEMORY_ERROR; else rc = U2FS_OK; @@ -951,6 +955,7 @@ static int authentication_challenge_json struct json_object *json_version = NULL; struct json_object *json_appid = NULL; struct json_object *json_output = NULL; + const char *json_string = NULL; rc = U2FS_JSON_ERROR; @@ -976,8 +981,11 @@ static int authentication_challenge_json json_object_object_add(json_output, "challenge", json_challenge); json_object_object_add(json_output, "appId", json_appid); - *output = strdup(json_object_to_json_string(json_output)); - if (*output == NULL) + json_string = json_object_to_json_string(json_output); + + if (json_string == NULL) + rc = U2FS_JSON_ERROR; + else if ((*output = strdup(json_string)) == NULL) rc = U2FS_MEMORY_ERROR; else rc = U2FS_OK;