OpenSLP / Bugs / #98 Passing pcScopeList == NULL to SLPFindSrvs may lead to SEGV

#98 Passing pcScopeList == NULL to SLPFindSrvs may lead to SEGV

Milestone: v1.2.2

Status: open

Owner: John Calcote

Labels: libslp - handle (15)

Priority: 5

Updated: 2017-04-07

Created: 2008-04-17

Creator: Przemyslaw Strzelczak

Private: No

Passing pcScopeList == NULL to SLPFindSrvs may lead to SIGSEGV.

This is because in the following code:
if(pcScopeList && *pcScopeList)
{
handle->params.findsrvs.scopelistlen = strlen(pcScopeList);
handle->params.findsrvs.scopelist = pcScopeList;
}
else
{
handle->params.findsrvs.scopelist = SLPGetProperty("net.slp.useScopes");
handle->params.findsrvs.scopelistlen = strlen(handle->params.findsrvs.scopelist);
}

If the second branch is entered and SLPGetProperty() returns NULL pointer (according to its code it can) then you the next line will fail with SIGSEGV since this is the way strlen() behaves on NULL pointers.

The bug occurred during real execution so it is not just theoretical problem.

The version used was 1.2.1.

Discussion

John Calcote - 2017-04-07

fixed in 2.0 code base.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

John Calcote - 2017-04-07

assigned_to: John Calcote

Group: --> v1.2.2
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Passing pcScopeList == NULL to SLPFindSrvs may lead to SEGV

Group

Searches

Help

#98 Passing pcScopeList == NULL to SLPFindSrvs may lead to SEGV

Discussion