Make wpa_config_read_blob() easier for static analyzers

While encoded == NULL could happen in the case of an empty blob, that
will result in encoded_len == 0 and base64_decode() not derefencing the
src argument. That seems to be too difficult for some static analyzers,
so to avoid false warnings, explicitly reject the encoded == NULL case
without even trying to base64 decode it. (CID 164709)

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index 46a9e0b1e58527a2ac21f268d13d13f3124cd66b..dead8ad1f688416b9bf92c48e2b0c59342c26c03 100644 (file)
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -312,7 +312,7 @@ static struct wpa_config_blob * wpa_config_read_blob(FILE *f, int *line,
                encoded_len += len;
        }
 
-       if (!end) {
+       if (!end || !encoded) {
                wpa_printf(MSG_ERROR, "Line %d: blob was not terminated "
                           "properly", *line);
                os_free(encoded);