dali/bacnet_stack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bugfix: add null pointer check for value when resetting device identifier in bacdevobjpropref (#1321)

Browse Source 
* fix: add null pointer check for value when resetting device identifier in bacdevobjpropref

* test: add regression test for bacnet_device_object_reference_decode with null value pointer
This commit is contained in:
Steve Karg
2026-04-29 07:27:19 -05:00
committed by GitHub
parent d53d9ea371
commit fe74113318
2 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/bacnet/bacdevobjpropref.c
+4 -2
View File
@@ -489,8 +489,10 @@ int bacnet_device_object_reference_decode(
return BACNET_STATUS_ERROR;
} else {
/* OPTIONAL - skip apdu_len increment */
value->deviceIdentifier.type = BACNET_NO_DEV_TYPE;
value->deviceIdentifier.instance = BACNET_NO_DEV_ID;
if (value) {
value->deviceIdentifier.type = BACNET_NO_DEV_TYPE;
value->deviceIdentifier.instance = BACNET_NO_DEV_ID;
}
}
/* object-identifier [1] BACnetObjectIdentifier */
len = bacnet_object_id_context_decode(
test/bacnet/bacdevobjpropref/src/main.c
+8
View File
@@ -172,6 +172,14 @@ static void testDevIdRef(void)
test_len =
bacnet_device_object_reference_decode(NULL, sizeof(apdu), &test_data);
zassert_true(test_len <= 0, NULL);
/* verify that NULL value pointer does not crash when the optional
device-identifier field is absent (regression test for the fix
that adds a null check before writing to value->deviceIdentifier) */
data.deviceIdentifier.instance = 0;
data.deviceIdentifier.type = BACNET_NO_DEV_TYPE;
len = bacapp_encode_device_obj_ref(apdu, &data);
null_len = bacnet_device_object_reference_decode(apdu, len, NULL);
zassert_equal(null_len, len, "null_len=%d len=%d", null_len, len);
}
#if defined(CONFIG_ZTEST_NEW_API)