Try to fix ipc_net_plmn_sel segmentation fault.
authorPaul Kocialkowski <contact@paulk.fr>
Sat, 18 Aug 2012 14:45:31 +0000 (16:45 +0200)
committerDenis 'GNUtoo' Carikli <GNUtoo@no-log.org>
Fri, 24 Aug 2012 15:54:40 +0000 (17:54 +0200)
Without that fix we have:
  I/DEBUG   ( 2256):          #00  pc 0000ed68  /system/lib/libsamsung-ril.so (ipc_net_plmn_sel)
  I/DEBUG   ( 2256):          #01  pc 0000bdfa  /system/lib/libsamsung-ril.so (ipc_fmt_dispatch)
  I/DEBUG   ( 2256):          #02  pc 0000c6f6  /system/lib/libsamsung-ril.so (ipc_fmt_read_loop)
  I/DEBUG   ( 2256):          #03  pc 0000bff4  /system/lib/libsamsung-ril.so (ril_client_thread)
  I/DEBUG   ( 2256):          #04  pc 00012e2c  /system/lib/libc.so (__thread_entry)
  I/DEBUG   ( 2256):          #05  pc 0001295c  /system/lib/libc.so (pthread_create)

Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
net.c

diff --git a/net.c b/net.c
index e19fb5f..eecdfc6 100644 (file)
--- a/net.c
+++ b/net.c
@@ -795,10 +795,14 @@ void ril_request_query_network_selection_mode(RIL_Token t)
 
 void ipc_net_plmn_sel(struct ipc_message_info *info)
 {
-       struct ipc_net_plmn_sel_get *plmn_sel = (struct ipc_net_plmn_sel_get *) info->data;
-       int ril_mode = ipc2ril_plmn_sel(plmn_sel->plmn_sel);
+       struct ipc_net_plmn_sel_get *plmn_sel;
+       int ril_mode;
 
-       RIL_onRequestComplete(reqGetToken(info->aseq), RIL_E_SUCCESS, &ril_mode, sizeof(int));
+       if (info->data != NULL && info->length >= sizeof(struct ipc_net_plmn_sel_get)) {
+               plmn_sel = (struct ipc_net_plmn_sel_get *) info->data;
+               ril_mode = ipc2ril_plmn_sel(plmn_sel->plmn_sel);
+               RIL_onRequestComplete(reqGetToken(info->aseq), RIL_E_SUCCESS, &ril_mode, sizeof(int));
+       }
 }
 
 void ipc_net_plmn_sel_complete(struct ipc_message_info *info)
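Review bot: When the new guard in ipc_net_plmn_sel rejects a message (NULL `info->data` or a short `info->length`), the function returns without completing the request, so the token from `reqGetToken(info->aseq)` is never answered and the requester presumably keeps waiting. An else branch that reports the failure would close that gap, for example `else RIL_onRequestComplete(reqGetToken(info->aseq), RIL_E_GENERIC_FAILURE, NULL, 0);`. The type of `info->length` is not visible in this hunk; if it is signed, the comparison with `sizeof(struct ipc_net_plmn_sel_get)` converts it to unsigned, so a negative length would pass the check. A short comment above the guard, such as `/* modem payload is untrusted: check pointer and size before casting */`, would record why the check exists.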