Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
exiv2.26842
0001-Avoid-null-pointer-exception-due-to-NULL-r...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Avoid-null-pointer-exception-due-to-NULL-return-valu.patch of Package exiv2.26842
From 4930814f688b194dc36b78fa050d97340c98c042 Mon Sep 17 00:00:00 2001 From: Kevin Backhouse <kev@semmle.com> Date: Tue, 30 Apr 2019 11:15:06 +0100 Subject: [PATCH] Avoid null pointer exception due to NULL return value from strchr. This fixes #793. (cherry picked from commit ae20c30805b330275b2aa0303a42e1f2bbd53661) --- src/http.cpp | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/src/http.cpp b/src/http.cpp index 86b7ebb7..d9096a92 100644 --- a/src/http.cpp +++ b/src/http.cpp @@ -345,10 +345,14 @@ int Exiv2::http(Exiv2::Dictionary& request,Exiv2::Dictionary& response,std::stri // search for the body for ( size_t b = 0 ; bSearching && b < lengthof(blankLines) ; b++ ) { - if ( strstr(buffer,blankLines[b]) ) { + const char* blankLinePos = strstr(buffer,blankLines[b]); + if ( blankLinePos ) { bSearching = false ; - body = (int) ( strstr(buffer,blankLines[b]) - buffer ) + strlen(blankLines[b]) ; - status = atoi(strchr(buffer,' ')) ; + body = blankLinePos - buffer + strlen(blankLines[b]); + const char* firstSpace = strchr(buffer,' '); + if (firstSpace) { + status = atoi(firstSpace); + } } } @@ -358,9 +362,19 @@ int Exiv2::http(Exiv2::Dictionary& request,Exiv2::Dictionary& response,std::stri char N = '\n'; int i = 0 ; // initial byte in buffer while(buffer[i] == N ) i++; - h = strchr(h+i,N)+1; + h = strchr(h+i,N); + if (!h) { + status = 0; + break; + } + h++; response[""]=std::string(buffer+i).substr(0,h-buffer-2); - result = atoi(strchr(buffer,' ')); + const char* firstSpace = strchr(buffer,' '); + if ( !firstSpace ) { + status = 0; + break; + } + result = atoi(firstSpace); char* c = strchr(h,C); char* n = strchr(h,N); while ( c && n && c < n && h < buffer+body ) { -- 2.25.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor