From 43b2f5d1207a010f1df67e101b129b09502371e2 Mon Sep 17 00:00:00 2001
From: Hangbin Liu <liuhangbin@gmail.com>
Date: Fri, 12 May 2017 15:36:45 +0800
Subject: [PATCH] msg: use last_tlv if there is not enough room for another tlv

If the len is not enought for another tlv process. e.g. one more bytes
padding at the end of message. And we set extra to NULL instead of
msg->last_tlv in tlv_post_recv(). Then the msg->last_tlv will not be
initialised. And program will crash if we read msg->last_tlv. e.g. in
function pmc_show().

Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
---
 msg.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/msg.c b/msg.c
index a38b815..4b3d926 100644
--- a/msg.c
+++ b/msg.c
@@ -140,7 +140,7 @@ static int suffix_post_recv(uint8_t *ptr, int len, struct tlv_extra *last)
 		}
 		len -= tlv->length;
 		ptr += tlv->length;
-		err = tlv_post_recv(tlv, len ? NULL : last);
+		err = tlv_post_recv(tlv, len > sizeof(struct TLV) ? NULL : last);
 		if (err)
 			return err;
 	}