void-packages/srcpkgs/libgxps/patches/CVE-2017-11590.patch

41 lines
1.4 KiB
Diff
Raw Normal View History

2018-10-03 17:50:00 +02:00
From 9d5d292055250ed298f3b89dc332d6db4003a031 Mon Sep 17 00:00:00 2001
From: Marek Kasik <mkasik@redhat.com>
Date: Wed, 26 Jul 2017 16:23:37 +0200
Subject: [PATCH] archive: Check for pathname being NULL before dereferencing
Check whether "archive_entry_pathname ()" returns a non-NULL pathname
before using it to avoid a NULL pointer being dereferenced.
https://bugzilla.gnome.org/show_bug.cgi?id=785479
---
libgxps/gxps-archive.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libgxps/gxps-archive.c b/libgxps/gxps-archive.c
index acf8d7d..e763773 100644
--- libgxps/gxps-archive.c
+++ libgxps/gxps-archive.c
@@ -257,6 +257,7 @@ gxps_archive_initable_init (GInitable *initable,
GXPSArchive *archive;
ZipArchive *zip;
struct archive_entry *entry;
+ const gchar *pathname;
archive = GXPS_ARCHIVE (initable);
@@ -281,7 +282,9 @@ gxps_archive_initable_init (GInitable *initable,
while (gxps_zip_archive_iter_next (zip, &entry)) {
/* FIXME: We can ignore directories here */
- g_hash_table_add (archive->entries, g_strdup (archive_entry_pathname (entry)));
+ pathname = archive_entry_pathname (entry);
+ if (pathname != NULL)
+ g_hash_table_add (archive->entries, g_strdup (pathname));
archive_read_data_skip (zip->archive);
}
--
2.18.0