From 33fb658e7862363d43e961a2d76cf3795927aa07 Mon Sep 17 00:00:00 2001
From: Mathieu Desnoyers
Date: Mon, 16 Jul 2012 10:39:19 -0400
Subject: [PATCH] Filter: validate that field ref strings are non-NULL

Signed-off-by: Mathieu Desnoyers
---
 liblttng-ust/lttng-filter.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/liblttng-ust/lttng-filter.c b/liblttng-ust/lttng-filter.c
index db4d107a..19775c30 100644
--- a/liblttng-ust/lttng-filter.c
+++ b/liblttng-ust/lttng-filter.c
@@ -696,6 +696,11 @@ int lttng_filter_interpret_bytecode(void *filter_data,
 				ref->offset);
 			reg[insn->reg].str =
 				*(const char * const *) &filter_stack_data[ref->offset];
+			if (unlikely(!reg[insn->reg].str)) {
+				dbg_printf("Filter warning: loading a NULL string.\n");
+				ret = -EINVAL;
+				goto end;
+			}
 			reg[insn->reg].type = REG_STRING;
 			reg[insn->reg].seq_len = UINT_MAX;
 			reg[insn->reg].literal = 0;
@@ -716,6 +721,11 @@ int lttng_filter_interpret_bytecode(void *filter_data,
 			reg[insn->reg].str =
 				*(const char **) (&filter_stack_data[ref->offset
 						+ sizeof(unsigned long)]);
+			if (unlikely(!reg[insn->reg].str)) {
+				dbg_printf("Filter warning: loading a NULL sequence.\n");
+				ret = -EINVAL;
+				goto end;
+			}
 			reg[insn->reg].type = REG_STRING;
 			reg[insn->reg].literal = 0;
 			next_pc += sizeof(struct load_op) + sizeof(struct field_ref);
-- 
2.34.1
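Review bot: The new guards in both hunks leave via `ret = -EINVAL; goto end;`, but the `end:` label and how callers interpret a negative interpreter result are outside the hunks, so whether a NULL field reference fails closed (event discarded) or fails open (negative treated as "record") cannot be confirmed from here; it is worth checking the call sites so that an unexpected NULL never widens what gets traced. The same remark applies to the second hunk's sequence case. A short comment on the first guard would make the intent explicit for the next reader, e.g. `/* A NULL string field cannot be compared; abort this bytecode run. */`. The enclosing lttng_filter_interpret_bytecode() starts and ends outside both hunks.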