From 3c8af4c5712d4991875b1bdf5d9bf955fda7cbb3 Mon Sep 17 00:00:00 2001
From: Andrew Johnson <anj@aps.anl.gov>
Date: Mon, 2 May 2016 11:38:51 -0500
Subject: [PATCH] Catch bad attribute names/values to prevent a segfault

---
 src/ioc/db/dbAccess.c | 32 +++++++++++++++++++++-----------
 1 file changed, 21 insertions(+), 11 deletions(-)

diff --git a/src/ioc/db/dbAccess.c b/src/ioc/db/dbAccess.c
index a45aa9b93..6a5ee7d39 100644
--- a/src/ioc/db/dbAccess.c
+++ b/src/ioc/db/dbAccess.c
@@ -402,19 +402,29 @@ struct rset * dbGetRset(const struct dbAddr *paddr)
 }
 
 long dbPutAttribute(
-    const char *recordTypename,const char *name,const char*value)
+    const char *recordTypename, const char *name, const char *value)
 {
-	DBENTRY		dbEntry;
-	DBENTRY		*pdbEntry = &dbEntry;
-	long		status=0;
+    DBENTRY dbEntry;
+    DBENTRY *pdbEntry = &dbEntry;
+    long status = 0;
 
-        if(!pdbbase) return(S_db_notFound);
-	dbInitEntry(pdbbase,pdbEntry);
-	status = dbFindRecordType(pdbEntry,recordTypename);
-	if(!status) status = dbPutRecordAttribute(pdbEntry,name,value);
-	dbFinishEntry(pdbEntry);
-	if(status) errMessage(status,"dbPutAttribute failure");
-	return(status);
+    if (!pdbbase)
+        return S_db_notFound;
+    if (!name) {
+        status = S_db_badField;
+        goto done;
+    }
+    if (!value)
+        value = "";
+    dbInitEntry(pdbbase, pdbEntry);
+    status = dbFindRecordType(pdbEntry, recordTypename);
+    if (!status)
+        status = dbPutRecordAttribute(pdbEntry, name, value);
+    dbFinishEntry(pdbEntry);
+done:
+    if (status)
+        errMessage(status, "dbPutAttribute failure");
+    return status;
 }
 
 int dbIsValueField(const struct dbFldDes *pdbFldDes)