nimble/eatt: Fix NULL deref in ble_eatt_alloc If ble_eatt_conn_pool was empty we would end up in writing NULL address.

commit: 10c2ae801809c08d6b0677c06712d7aad9b03ec0 [log] [tgz]
author: Szymon Janc <szymon.janc@codecoup.pl> Tue Mar 12 14:19:48 2024 +0100
committer: Szymon Janc <szymon.janc@codecoup.pl> Thu Mar 21 08:52:42 2024 +0100
tree: c7860210114e6b4c8b6bbf38965b80e7f69bd098
parent: 1c91062dbcf47ec7b746b2c478affd447493c12f [diff]
diff --git a/nimble/host/src/ble_eatt.c b/nimble/host/src/ble_eatt.c
index de1c0d7..f9f7d92 100644
--- a/nimble/host/src/ble_eatt.c
+++ b/nimble/host/src/ble_eatt.c

@@ -177,10 +177,13 @@
     struct ble_eatt *eatt;
 
     eatt = os_memblock_get(&ble_eatt_conn_pool);
-    if (eatt) {
-        SLIST_INSERT_HEAD(&g_ble_eatt_list, eatt, next);
+    if (!eatt) {
+        BLE_EATT_LOG_WARN("eatt: Failed to allocate new eatt context\n");
+        return NULL;
     }
 
+    SLIST_INSERT_HEAD(&g_ble_eatt_list, eatt, next);
+
     eatt->conn_handle = BLE_HS_CONN_HANDLE_NONE;
     eatt->chan = NULL;
     eatt->client_op = 0;
commit	10c2ae801809c08d6b0677c06712d7aad9b03ec0	[log] [tgz]
author	Szymon Janc <szymon.janc@codecoup.pl>	Tue Mar 12 14:19:48 2024 +0100
committer	Szymon Janc <szymon.janc@codecoup.pl>	Thu Mar 21 08:52:42 2024 +0100
tree	c7860210114e6b4c8b6bbf38965b80e7f69bd098
parent	1c91062dbcf47ec7b746b2c478affd447493c12f [diff]