From 289c1006ef8a64a26595aeb811494f0deb8cb2f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?D=2E=20Andrei=20M=C4=83ce=C8=99?= <dmaces@nd.edu>
Date: Sat, 7 Oct 2017 18:07:00 +0300
Subject: [PATCH] libril: Protect against NULL unsolicited response function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Upstream change I732234a22328a1bfcb603bb020547f543b6fd766 makes
RIL_UNSOL_DC_RT_INFO_CHANGED's responseFunction() NULL, without
protecting against it in RIL_onUnsolicitedResponse(), thus crash-
ing at least hammerhead's RIL stack upon mobile data connection.

https://android-review.googlesource.com/#/c/platform/hardware/ril/+/345950/

Change-Id: I6567019cb6daf6492a29e04cc9872e69b2ba456d
Signed-off-by: D. Andrei Măceș <Andrei.Maces@alumni.nd.edu>
(cherry picked from commit e73eafff8695ab28201acbc03a362d5b177047aa)
---
 ril/libril/ril.cpp | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/ril/libril/ril.cpp b/ril/libril/ril.cpp
index 337b355..3abe559 100644
--- a/ril/libril/ril.cpp
+++ b/ril/libril/ril.cpp
@@ -782,9 +782,11 @@ void RIL_onUnsolicitedResponse(int unsolResponse, const void *data,
     int rwlockRet = pthread_rwlock_rdlock(radioServiceRwlockPtr);
     assert(rwlockRet == 0);
 
-    ret = s_unsolResponses[unsolResponseIndex].responseFunction(
-            (int) soc_id, responseType, 0, RIL_E_SUCCESS, const_cast<void*>(data),
-            datalen);
+    if (s_unsolResponses[unsolResponseIndex].responseFunction) {
+        ret = s_unsolResponses[unsolResponseIndex].responseFunction(
+                (int) soc_id, responseType, 0, RIL_E_SUCCESS, const_cast<void*>(data),
+                datalen);
+    }
 
     rwlockRet = pthread_rwlock_unlock(radioServiceRwlockPtr);
     assert(rwlockRet == 0);