Potential NULL pointer dereference bug in callInternal()

[hariramshankar]

In the function callInternal(), client->client->dataReceived is dereferenced unconditionally before it is checked for NULL: https://github.com/kubernetes-client/c/blob/master/kubernetes/src/generic.c#L62

char* callInternal(genericClient_t *client,
                   const char *path, list_t *queryParameters, list_t *headerParameters, list_t *formParameters, list_t *headerType, list_t *contentType, const char *body, const char *method)
{
    apiClient_invoke(client->client, path, queryParameters, headerParameters, formParameters, headerType, contentType, body, method);

    if (client->client->response_code == 401) {
        return NULL;
    }
    char* elementToReturn =  strndup((char*)client->client->dataReceived, client->client->dataReceivedLen); <<<<<<

    if (client->client->dataReceived) {
        free(client->client->dataReceived);
        client->client->dataReceived = NULL;
        client->client->dataReceivedLen = 0;
    }

    return elementToReturn;
}

[ityuhui]

Thanks for finding this issue. Would you like to submit a PR to fix it?

[WookiesRpeople2]

Hi I was wondering if this issue is still open and if so I would like to work on this :)

[ityuhui]

Hi I was wondering if this issue is still open and if so I would like to work on this :)

Yes. It's still open now and welcome the contributions!

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle rotten
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

[dhairya-seth]

Hi, I would like to try and fix this. Assigning myself /assign

[dhairya-seth]

I have made some changes in the code. Could anyone please verify if it is correct and suggest me if any modifications are needed?

char* callInternal(genericClient_t *client,
                   const char *path, list_t *queryParameters, list_t *headerParameters, list_t *formParameters, list_t *headerType, list_t *contentType, const char *body, const char *method)
{
    size_t len = 0;
    if (body != NULL) {
        len = strlen(body);
    }
    apiClient_invoke(client->client, path, queryParameters, headerParameters, formParameters, headerType, contentType, body, len, method);

    if (client->client->response_code == 401) {
        return NULL;
    }

    char* elementToReturn = NULL;

    if (client->client->dataReceived) {
        elementToReturn = strndup((char*)client->client->dataReceived, client->client->dataReceivedLen);
        free(client->client->dataReceived);
        client->client->dataReceived = NULL;
        client->client->dataReceivedLen = 0;
    }


    return elementToReturn;
}

[ityuhui]

I think this change is fine. Please follow https://github.com/kubernetes-client/c/blob/master/code-check/code-style-check.md to check the code style and then submit a PR for formal review.

Thank you.

[dhairya-seth]

Working on some other issue, so unassigning myself. /unassign

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue with /reopen
• Mark this issue as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

[k8s-ci-robot]

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue with /reopen
• Mark this issue as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.