CVE: CVE-2021-36217 CVE: CVE-2021-3502 Upstream-Status: Backport Signed-off-by: Ross Burton From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001 From: Tommi Rantala Date: Mon, 8 Feb 2021 11:04:43 +0200 Subject: [PATCH] Fix NULL pointer crashes from #175 avahi-daemon is crashing when running "ping .local". The crash is due to failing assertion from NULL pointer. Add missing NULL pointer checks to fix it. Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd --- avahi-core/browse-dns-server.c | 5 ++++- avahi-core/browse-domain.c | 5 ++++- avahi-core/browse-service-type.c | 3 +++ avahi-core/browse-service.c | 3 +++ avahi-core/browse.c | 3 +++ avahi-core/resolve-address.c | 5 ++++- avahi-core/resolve-host-name.c | 5 ++++- avahi-core/resolve-service.c | 5 ++++- 8 files changed, 29 insertions(+), 5 deletions(-) diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c index 049752e9..c2d914fa 100644 --- a/avahi-core/browse-dns-server.c +++ b/avahi-core/browse-dns-server.c @@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new( AvahiSDNSServerBrowser* b; b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata); + if (!b) + return NULL; + avahi_s_dns_server_browser_start(b); return b; -} \ No newline at end of file +} diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c index f145d56a..06fa70c0 100644 --- a/avahi-core/browse-domain.c +++ b/avahi-core/browse-domain.c @@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new( AvahiSDomainBrowser *b; b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata); + if (!b) + return NULL; + avahi_s_domain_browser_start(b); return b; -} \ No newline at end of file +} diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c index fdd22dcd..b1fc7af8 100644 --- a/avahi-core/browse-service-type.c +++ b/avahi-core/browse-service-type.c @@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new( AvahiSServiceTypeBrowser *b; b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata); + if (!b) + return NULL; + avahi_s_service_type_browser_start(b); return b; diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c index 5531360c..63e0275a 100644 --- a/avahi-core/browse-service.c +++ b/avahi-core/browse-service.c @@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new( AvahiSServiceBrowser *b; b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata); + if (!b) + return NULL; + avahi_s_service_browser_start(b); return b; diff --git a/avahi-core/browse.c b/avahi-core/browse.c index 2941e579..e8a915e9 100644 --- a/avahi-core/browse.c +++ b/avahi-core/browse.c @@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new( AvahiSRecordBrowser *b; b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata); + if (!b) + return NULL; + avahi_s_record_browser_start_query(b); return b; diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c index ac0b29b1..e61dd242 100644 --- a/avahi-core/resolve-address.c +++ b/avahi-core/resolve-address.c @@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new( AvahiSAddressResolver *b; b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata); + if (!b) + return NULL; + avahi_s_address_resolver_start(b); return b; -} \ No newline at end of file +} diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c index 808b0e72..4e8e5973 100644 --- a/avahi-core/resolve-host-name.c +++ b/avahi-core/resolve-host-name.c @@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new( AvahiSHostNameResolver *b; b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata); + if (!b) + return NULL; + avahi_s_host_name_resolver_start(b); return b; -} \ No newline at end of file +} diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c index 66bf3cae..43771763 100644 --- a/avahi-core/resolve-service.c +++ b/avahi-core/resolve-service.c @@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new( AvahiSServiceResolver *b; b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata); + if (!b) + return NULL; + avahi_s_service_resolver_start(b); return b; -} \ No newline at end of file +}