diff options
| author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2022-07-29 21:38:40 +0300 |
|---|---|---|
| committer | Ed Tanous <ed@tanous.net> | 2022-08-02 00:25:28 +0300 |
| commit | 02e53aef7743fcd9e3c9c3f28c9cf0af09277415 (patch) | |
| tree | 16431eeb0dbec6d69a8c723b32f20fdf4dd5499d | |
| parent | dd64162dfe253640d80ee3f5d3c0eb0be82e9619 (diff) | |
| download | bmcweb-02e53aef7743fcd9e3c9c3f28c9cf0af09277415.tar.xz | |
redfish session: Handle generateUserSession errors
generateUserSession returns a null pointer when it fails. Check for
that failure and return an error to the user, to avoid a null pointer
dereference.
Tested: Nope
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Change-Id: I56144483d542555051acc02655558854205f39a6
| -rw-r--r-- | redfish-core/lib/redfish_sessions.hpp | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/redfish-core/lib/redfish_sessions.hpp b/redfish-core/lib/redfish_sessions.hpp index e4eae68c33..af01e05af7 100644 --- a/redfish-core/lib/redfish_sessions.hpp +++ b/redfish-core/lib/redfish_sessions.hpp @@ -215,6 +215,12 @@ inline void handleSessionCollectionPost( persistent_data::SessionStore::getInstance().generateUserSession( username, req.ipAddress, clientId, persistent_data::PersistenceType::TIMEOUT, isConfigureSelfOnly); + if (session == nullptr) + { + messages::internalError(asyncResp->res); + return; + } + asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); asyncResp->res.addHeader( "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); |