Just recurse one more level for the byte array that
corresponds to bonjour data and not for the variant holding
upnp data. This patch prevents a segmentation fault
caused by dereferencing null upnp data.
---
 src/manager.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/manager.c b/src/manager.c
index e97921b..17fd7ee 100644
--- a/src/manager.c
+++ b/src/manager.c
@@ -399,19 +399,20 @@ static int parse_peers_service_specs(DBusMessageIter *array,
                dbus_message_iter_next(&entry);
 
                dbus_message_iter_recurse(&entry, &inter);
-               dbus_message_iter_recurse(&inter, &value);
 
                if  (!g_strcmp0(key, "BonjourResponse")) {
+                       dbus_message_iter_recurse(&inter, &value);
                        dbus_message_iter_get_fixed_array(&value,
                                                        spec, spec_len);
                } else if (!g_strcmp0(key, "BonjourQuery")) {
+                       dbus_message_iter_recurse(&inter, &value);
                        dbus_message_iter_get_fixed_array(&value,
                                                        query, query_len);
                } else if (!g_strcmp0(key, "UpnpService")) {
-                       dbus_message_iter_get_basic(&value, spec);
+                       dbus_message_iter_get_basic(&inter, spec);
                        *spec_len = strlen((const char *)*spec)+1;
                } else if (!g_strcmp0(key, "UpnpVersion")) {
-                       dbus_message_iter_get_basic(&value, version);
+                       dbus_message_iter_get_basic(&inter, version);
                } else
                        return -EINVAL;
 
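Review bot: In the `UpnpService` branch, `dbus_message_iter_get_basic(&inter, spec)` is followed directly by `strlen((const char *)*spec)`, and nothing in this hunk confirms that the variant holds a string, so a D-Bus caller sending another type under that key would leave a non-pointer value in `*spec` for `strlen` to dereference. A guard such as `if (dbus_message_iter_get_arg_type(&inter) != DBUS_TYPE_STRING) return -EINVAL;` before the read would close that gap. The two Bonjour branches would likewise benefit from confirming `DBUS_TYPE_ARRAY` and `dbus_message_iter_get_element_type(&inter) == DBUS_TYPE_BYTE` before recursing into `value`, and `UpnpVersion` from a check against whatever basic type `version` expects. parse_peers_service_specs starts and ends outside the hunk, so the signature may already be validated earlier; if it is, a short comment at this point saying so would make the unchecked reads easier to review.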
-- 
1.9.1
