瀏覽代碼

Fix SEGV accessing null pointer if no data for extension object is NULL

See: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4566

Credit to oss-fuzz
Stefan Profanter 6 年之前
父節點
當前提交
c13656674f
共有 1 個文件被更改,包括 1 次插入1 次删除
  1. 1 1
      src/server/ua_nodes.c

+ 1 - 1
src/server/ua_nodes.c

@@ -298,7 +298,7 @@ copyCommonVariableAttributes(UA_VariableNode *node,
     UA_Boolean valueSet = false;
     if (attr->value.type != NULL && UA_NodeId_equal(&attr->value.type->typeId, &extensionObject)) {
         const UA_ExtensionObject *obj = (const UA_ExtensionObject *)attr->value.data;
-        if (obj->encoding == UA_EXTENSIONOBJECT_ENCODED_BYTESTRING) {
+        if (obj && obj->encoding == UA_EXTENSIONOBJECT_ENCODED_BYTESTRING) {
 
             /* TODO: Once we generate type description in the nodeset compiler,
              * UA_findDatatypeByBinary can be made internal to the decoding