Add missing ptr checks for malloc/calloc/CloseHandle

Megamouse · Megamouse · commit 875dce92b6ae · 2024-10-03T19:00:30.000+02:00
diff --git a/libusb/hid.c b/libusb/hid.c
@@ -1272,6 +1272,10 @@ hid_device * HID_API_EXPORT hid_open_path(const char *path)
 		return NULL;
 
 	dev = new_hid_device();
+	if (!dev) {
+		LOG("hid_open_path failed: Couldn't allocate memory\n");
+		return NULL;
+	}
 
 	libusb_get_device_list(usb_context, &devs);
 	while ((usb_dev = devs[d++]) != NULL && !good_open) {
@@ -1343,6 +1347,10 @@ HID_API_EXPORT hid_device * HID_API_CALL hid_libusb_wrap_sys_device(intptr_t sys
 		return NULL;
 
 	dev = new_hid_device();
+	if (!dev) {
+		LOG("libusb_wrap_sys_device failed: Couldn't allocate memory\n");
+		return NULL;
+	}
 
 	res = libusb_wrap_sys_device(usb_context, sys_dev, &dev->device_handle);
 	if (res < 0) {
diff --git a/linux/hid.c b/linux/hid.c
@@ -400,8 +400,8 @@ static int get_next_hid_usage(const __u8 *report_descriptor, __u32 size, struct
 	/* If no top-level application collection is found and usage page/usage pair is found, pair is valid
 	   https://docs.microsoft.com/en-us/windows-hardware/drivers/hid/top-level-collections */
 	if (initial && usage_found && ctx->usage_page_found) {
-			*usage_page = ctx->usage_page;
-			return 0; /* success */
+		*usage_page = ctx->usage_page;
+		return 0; /* success */
 	}
 
 	return 1; /* finished processing */
diff --git a/mac/hid.c b/mac/hid.c
@@ -1236,7 +1236,6 @@ static int cond_timedwait(hid_device *dev, pthread_cond_t *cond, pthread_mutex_t
 	}
 
 	return 0;
-
 }
 
 int HID_API_EXPORT hid_read_timeout(hid_device *dev, unsigned char *data, size_t length, int milliseconds)
@@ -1522,7 +1521,7 @@ int HID_API_EXPORT_CALL hid_get_report_descriptor(hid_device *dev, unsigned char
 	if (ref != NULL && CFGetTypeID(ref) == CFDataGetTypeID()) {
 		CFDataRef report_descriptor = (CFDataRef) ref;
 		const UInt8 *descriptor_buf = CFDataGetBytePtr(report_descriptor);
-		CFIndex descriptor_buf_len = CFDataGetLength(report_descriptor);
+		const CFIndex descriptor_buf_len = CFDataGetLength(report_descriptor);
 		size_t copy_len = (size_t) descriptor_buf_len;
 
 		if (descriptor_buf == NULL || descriptor_buf_len < 0) {
diff --git a/windows/hid.c b/windows/hid.c
@@ -1045,7 +1045,10 @@ HID_API_EXPORT hid_device * HID_API_CALL hid_open_path(const char *path)
 
 end_of_function:
 	free(interface_path);
-	CloseHandle(device_handle);
+
+	if (device_handle) {
+		CloseHandle(device_handle);
+	}
 
 	if (pp_data) {
 		HidD_FreePreparsedData(pp_data);
@@ -1085,8 +1088,15 @@ int HID_API_EXPORT HID_API_CALL hid_write(hid_device *dev, const unsigned char *
 		/* The user passed the right number of bytes. Use the buffer as-is. */
 		buf = (unsigned char *) data;
 	} else {
-		if (dev->write_buf == NULL)
+		if (dev->write_buf == NULL) {
 			dev->write_buf = (unsigned char *) malloc(dev->output_report_length);
+
+			if (dev->write_buf == NULL) {
+				register_winapi_error(dev, L"hid_write/malloc");
+				goto end_of_function;
+			}
+		}
+
 		buf = dev->write_buf;
 		memcpy(buf, data, length);
 		memset(buf + length, 0, dev->output_report_length - length);
@@ -1253,8 +1263,15 @@ int HID_API_EXPORT HID_API_CALL hid_send_feature_report(hid_device *dev, const u
 		buf = (unsigned char *) data;
 		length_to_send = length;
 	} else {
-		if (dev->feature_buf == NULL)
+		if (dev->feature_buf == NULL) {
 			dev->feature_buf = (unsigned char *) malloc(dev->feature_report_length);
+
+			if (dev->feature_buf == NULL) {
+				register_winapi_error(dev, L"hid_send_feature_report/malloc");
+				return -1;
+			}
+		}
+
 		buf = dev->feature_buf;
 		memcpy(buf, data, length);
 		memset(buf + length, 0, dev->feature_report_length - length);
@@ -1347,8 +1364,15 @@ int HID_API_EXPORT HID_API_CALL hid_send_output_report(hid_device* dev, const un
 		buf = (unsigned char *) data;
 		length_to_send = length;
 	} else {
-		if (dev->write_buf == NULL)
+		if (dev->write_buf == NULL) {
 			dev->write_buf = (unsigned char *) malloc(dev->output_report_length);
+
+			if (dev->write_buf == NULL) {
+				register_winapi_error(dev, L"hid_send_output_report/malloc");
+				return -1;
+			}
+		}
+
 		buf = dev->write_buf;
 		memcpy(buf, data, length);
 		memset(buf + length, 0, dev->output_report_length - length);

Original file line number	Diff line number	Diff line change
`@@ -1236,7 +1236,6 @@ static int cond_timedwait(hid_device dev, pthread_cond_t cond, pthread_mutex_t`
`1236`	`1236`	`}`
`1237`	`1237`
`1238`	`1238`	`return 0;`
`1239`		`-`
`1240`	`1239`	`}`
`1241`	`1240`
`1242`	`1241`	`int HID_API_EXPORT hid_read_timeout(hid_device dev, unsigned char data, size_t length, int milliseconds)`
`@@ -1522,7 +1521,7 @@ int HID_API_EXPORT_CALL hid_get_report_descriptor(hid_device *dev, unsigned char`
`1522`	`1521`	`if (ref != NULL && CFGetTypeID(ref) == CFDataGetTypeID()) {`
`1523`	`1522`	`CFDataRef report_descriptor = (CFDataRef) ref;`
`1524`	`1523`	`const UInt8 *descriptor_buf = CFDataGetBytePtr(report_descriptor);`
`1525`		`- CFIndex descriptor_buf_len = CFDataGetLength(report_descriptor);`
	`1524`	`+ const CFIndex descriptor_buf_len = CFDataGetLength(report_descriptor);`
`1526`	`1525`	`size_t copy_len = (size_t) descriptor_buf_len;`
`1527`	`1526`
`1528`	`1527`	`if (descriptor_buf == NULL \|\| descriptor_buf_len < 0) {`