blob: 9caa79b6f0d5695f00440515f5b796ff29fc5225 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
Fix CVE-2017-11590:
https://bugzilla.gnome.org/show_bug.cgi?id=785479
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11590
Patch copied from upstream source repository:
https://git.gnome.org/browse/libgxps/commit/?id=9d5d292055250ed298f3b89dc332d6db4003a031
From 9d5d292055250ed298f3b89dc332d6db4003a031 Mon Sep 17 00:00:00 2001
From: Marek Kasik <mkasik@redhat.com>
Date: Wed, 26 Jul 2017 16:23:37 +0200
Subject: archive: Check for pathname being NULL before dereferencing
Check whether "archive_entry_pathname ()" returns a non-NULL pathname
before using it to avoid a NULL pointer being dereferenced.
https://bugzilla.gnome.org/show_bug.cgi?id=785479
---
libgxps/gxps-archive.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libgxps/gxps-archive.c b/libgxps/gxps-archive.c
index acf8d7d..e763773 100644
--- a/libgxps/gxps-archive.c
+++ b/libgxps/gxps-archive.c
@@ -257,6 +257,7 @@ gxps_archive_initable_init (GInitable *initable,
GXPSArchive *archive;
ZipArchive *zip;
struct archive_entry *entry;
+ const gchar *pathname;
archive = GXPS_ARCHIVE (initable);
@@ -281,7 +282,9 @@ gxps_archive_initable_init (GInitable *initable,
while (gxps_zip_archive_iter_next (zip, &entry)) {
/* FIXME: We can ignore directories here */
- g_hash_table_add (archive->entries, g_strdup (archive_entry_pathname (entry)));
+ pathname = archive_entry_pathname (entry);
+ if (pathname != NULL)
+ g_hash_table_add (archive->entries, g_strdup (pathname));
archive_read_data_skip (zip->archive);
}
--
cgit v0.12
|