diff options
author | Petteri Aimonen <jpa@git.mail.kapsi.fi> | 2021-06-04 08:32:54 +0300 |
---|---|---|
committer | Petteri Aimonen <jpa@git.mail.kapsi.fi> | 2021-06-04 19:11:18 +0300 |
commit | 773d98714a8e9f18e0b75335735a95dc2b1c278f (patch) | |
tree | c332a1de3b0e927fd53b9d887b2eddbf9ebc24fd /pb_decode.c | |
parent | 98a4911bab0c7273824b4165e0633228e1cdf66a (diff) |
Explicitly check for pItem == NULL to satisfy Xcode analyzer (#667, #674)
As far as I can tell, the logic above this line does work correctly and
calls `allocate_field()` in any case where iter->pData could point to pointer
to NULL. But the logic depends on PB_SIZE_MAX and other subtle points, which
may be why static analyzers complain. This commit makes it explicitly check
and error out.
Diffstat (limited to 'pb_decode.c')
-rw-r--r-- | pb_decode.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/pb_decode.c b/pb_decode.c index 790df75..d9ecf25 100644 --- a/pb_decode.c +++ b/pb_decode.c @@ -701,6 +701,12 @@ static bool checkreturn decode_pointer_field(pb_istream_t *stream, pb_wire_type_ /* Decode the array entry */ field->pData = *(char**)field->pField + field->data_size * (*size); + if (field->pData == NULL) + { + /* Shouldn't happen, but satisfies static analyzers */ + status = false; + break; + } initialize_pointer_field(field->pData, field); if (!decode_basic_field(&substream, PB_WT_PACKED, field)) { |