From c83a84afbef2b24f960ddeda0b5e2ab01fba6981 Mon Sep 17 00:00:00 2001
From: John Crispin
Date: Wed, 25 Jul 2018 10:30:05 +0200
Subject: [PATCH] fix segfault when passed blobmsg attr is NULL

Signed-off-by: John Crispin
---
 blobmsg.c | 2 ++
 blobmsg.h | 13 +++++++++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/blobmsg.c b/blobmsg.c
index c2bb717..8019c45 100644
--- a/blobmsg.c
+++ b/blobmsg.c
@@ -135,6 +135,8 @@ int blobmsg_parse(const struct blobmsg_policy *policy, int policy_len,
 int i;
 memset(tb, 0, policy_len * sizeof(*tb));
+ if (!data || !len)
+ return -EINVAL;
 pslen = alloca(policy_len);
 for (i = 0; i < policy_len; i++) {
 if (!policy[i].name)
diff --git a/blobmsg.h b/blobmsg.h
index 7977298..b06ef59 100644
--- a/blobmsg.h
+++ b/blobmsg.h
@@ -71,8 +71,14 @@ static inline int blobmsg_type(const struct blob_attr *attr)
 static inline void *blobmsg_data(const struct blob_attr *attr)
 {
- struct blobmsg_hdr *hdr = (struct blobmsg_hdr *) blob_data(attr);
- char *data = (char *) blob_data(attr);
+ struct blobmsg_hdr *hdr;
+ char *data;
+
+ if (!attr)
+ return NULL;
+
+ hdr = (struct blobmsg_hdr *) blob_data(attr);
+ data = (char *) blob_data(attr);
 if (blob_is_extended(attr))
 data += blobmsg_hdrlen(be16_to_cpu(hdr->namelen));
@@ -84,6 +90,9 @@ static inline int blobmsg_data_len(const struct blob_attr *attr)
 {
 uint8_t *start, *end;
+ if (!attr)
+ return 0;
+
 start = (uint8_t *) blob_data(attr);
 end = (uint8_t *) blobmsg_data(attr);
-- 
2.30.2
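Review bot: The added guard in blobmsg_parse() reports an empty payload (`len == 0`) with the same `-EINVAL` as a NULL `data` pointer, so a caller that treats any nonzero return as a malformed message would now reject a message that simply carries no attributes; if that is intended it should be stated, otherwise only `!data` needs to be an error. The guard sits after the `memset`, which is what leaves every `tb[]` slot NULL on this path for callers that ignore the return value, and that ordering deserves a comment such as `/* tb is already cleared: callers that ignore the result see no attributes */`. `policy_len` is still used unvalidated as the `memset` size and the `alloca` length, so if it can ever be a computed value, a `policy_len < 0` rejection belongs before the `memset`. The function starts and ends outside the hunk.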
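Review bot: Returning NULL from blobmsg_data() here, and 0 from blobmsg_data_len() in the following hunk, for a NULL `attr` changes the contract of both accessors without documenting it, and it moves the NULL dereference into any caller that reads through the returned pointer without checking. Each function should carry a comment, for example `/* Returns NULL if attr is NULL; callers must check before dereferencing. */` and `/* Returns 0 if attr is NULL, which is indistinguishable from an empty payload. */`. Wrappers that dereference the result of blobmsg_data() directly are not visible in this patch and presumably need the same guard or a documented non-NULL precondition. Both function bodies continue outside their hunks.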