From 921b2278df38077bb87afb33190511ac2431893d Mon Sep 17 00:00:00 2001 From: Holger Hans Peter Freyther Date: Sun, 14 Jul 2013 08:54:07 +0200 Subject: smpp: Fix possible NULL dereference of the emse->acl The esme->acl is treated like it can be NULL in other places of the code. Assume it can be NULL during this check as well. Dereference after null check (FORWARD_NULL) 9. var_deref_op: Dereferencing null pointer "esme->acl". Fixes: Coverity CID 1042374 --- openbsc/src/libmsc/smpp_openbsc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'openbsc/src/libmsc/smpp_openbsc.c') diff --git a/openbsc/src/libmsc/smpp_openbsc.c b/openbsc/src/libmsc/smpp_openbsc.c index e41d37776..f898cae6f 100644 --- a/openbsc/src/libmsc/smpp_openbsc.c +++ b/openbsc/src/libmsc/smpp_openbsc.c @@ -504,7 +504,7 @@ unknown_mo: } /* Transparently pass on DCS via SMPP if requested */ - if (esme->acl->dcs_transparent) + if (esme->acl && esme->acl->dcs_transparent) deliver.data_coding = dcs; if (mode == MODE_7BIT) { @@ -530,7 +530,7 @@ unknown_mo: memcpy(deliver.short_message, sms->user_data, deliver.sm_length); } - if (esme->acl->osmocom_ext && conn && conn->lchan) + if (esme->acl && esme->acl->osmocom_ext && conn && conn->lchan) append_osmo_tlvs(&deliver.tlv, conn->lchan); return smpp_tx_deliver(esme, &deliver); -- cgit v1.2.3