fix(i2c_master): NULL pointer dereference in i2c_master_bus_destroy when i2c_master->base is NULL

[pback34]

Description:

This pull request addresses a potential crash in the i2c_master_bus_destroy function of the ESP-IDF I2C master driver. The issue arises when i2c_master->base is NULL, leading to a NULL pointer dereference and subsequent program crash.

---

Issue Details:

• Scenario:
  • When attempting to create a new I2C master bus using i2c_new_master_bus, if the bus is not available (e.g., all I2C ports are in use), the function i2c_acquire_bus_handle fails.
  • As a result, i2c_master->base remains NULL.
  • When i2c_new_master_bus encounters this failure, it calls i2c_master_bus_destroy to clean up.
  • The i2c_master_bus_destroy function does not check if i2c_master->base is NULL before using it.
  • This leads to a NULL pointer dereference when calling functions like i2c_common_deinit_pins(i2c_master->base) and i2c_release_bus_handle(i2c_master->base), causing a crash.

Proposed Fix:

• Add NULL Check:

• Introduced a check to verify if i2c_master->base is not NULL before dereferencing it in i2c_master_bus_destroy.

• This ensures that functions which require i2c_master->base only execute when it's valid.

• Minimal Changes:

• The fix is minimal and preserves the existing logic and flow of the function.

• The conditional checks and resource cleanup are maintained as per the original implementation.

[CLAassistant]

All committers have signed the CLA.

[github-actions]

	Messages
📖	You might consider squashing your 3 commits (simplifying branch history).

👋 Hello pback34, we appreciate your contribution to this project!

---

📘 Please review the project's Contributions Guide for key guidelines on code, documentation, testing, and more.

---

🖊️ Please also make sure you have read and signed the Contributor License Agreement for this project.

---

Click to see more instructions ...

This automated output is generated by the PR linter DangerJS, which checks if your Pull Request meets the project's requirements and helps you fix potential issues.

DangerJS is triggered with each push event to a Pull Request and modify the contents of this comment.

Please consider the following:
- Danger mainly focuses on the PR structure and formatting and can't understand the meaning behind your code or changes.
- Danger is not a substitute for human code reviews; it's still important to request a code review from your colleagues.
- Addressing info messages (📖) is strongly recommended; they're less critical but valuable.
- To manually retry these Danger checks, please navigate to the Actions tab and re-run last Danger workflow.

Review and merge process you can expect ...

We do welcome contributions in the form of bug reports, feature requests and pull requests via this public GitHub repository.

This GitHub project is public mirror of our internal git repository

1. An internal issue has been created for the PR, we assign it to the relevant engineer.
2. They review the PR and either approve it or ask you for changes or clarifications.
3. Once the GitHub PR is approved, we synchronize it into our internal git repository.
4. In the internal git repository we do the final review, collect approvals from core owners and make sure all the automated tests are passing.
- At this point we may do some adjustments to the proposed change, or extend it by adding tests or documentation.
5. If the change is approved and passes the tests it is merged into the default branch.
5. On next sync from the internal git repository merged change will appear in this public GitHub repository.

Generated by 🚫 dangerJS against 8567a45

[atanisoft]

this specific check for non-null is redundant at this point since the pointer will have been dereferenced already and has been validated already as part of the first line in the function.

[pback34]

Good catch. Please see if latest looks correct.

[atanisoft]

Looks much better!

[KaeLL]

That's a good candidate to use esp_check's ESP_GOTO_ON_ERROR/FALSE to improve error handling.

[jrahlf]

Unless the ESP coding style suggests this, I would refactor the free(i2c_master); calls into a single statement at the end end remove two else clauses.