bugfix: add null pointer check for value when resetting device identifier in bacdevobjpropref (#1321)

* fix: add null pointer check for value when resetting device identifier in bacdevobjpropref

* test: add regression test for bacnet_device_object_reference_decode with null value pointer

src/bacnet/bacdevobjpropref.c

@@ -489,9 +489,11 @@ int bacnet_device_object_reference_decode(
         return BACNET_STATUS_ERROR;
     } else {
         /* OPTIONAL - skip apdu_len increment */
+        if (value) {
             value->deviceIdentifier.type = BACNET_NO_DEV_TYPE;
             value->deviceIdentifier.instance = BACNET_NO_DEV_ID;
         }
+    }
     /* object-identifier [1] BACnetObjectIdentifier */
     len = bacnet_object_id_context_decode(
         &apdu[apdu_len], apdu_size - apdu_len, 1, &object_type,

test/bacnet/bacdevobjpropref/src/main.c

@@ -172,6 +172,14 @@ static void testDevIdRef(void)
     test_len =
         bacnet_device_object_reference_decode(NULL, sizeof(apdu), &test_data);
     zassert_true(test_len <= 0, NULL);
+    /* verify that NULL value pointer does not crash when the optional
+       device-identifier field is absent (regression test for the fix
+       that adds a null check before writing to value->deviceIdentifier) */
+    data.deviceIdentifier.instance = 0;
+    data.deviceIdentifier.type = BACNET_NO_DEV_TYPE;
+    len = bacapp_encode_device_obj_ref(apdu, &data);
+    null_len = bacnet_device_object_reference_decode(apdu, len, NULL);
+    zassert_equal(null_len, len, "null_len=%d len=%d", null_len, len);
 }
 
 #if defined(CONFIG_ZTEST_NEW_API)