Package: malcontent Version: 0.13.1-5 The downstream patch `all_apps.patch` carried in (at least) malcontent 0.13.1-5 contains a bug which causes a crash on certain `.desktop` files (ones which have `Type=Application` but no `Exec=` line). Typically these `.desktop` files will (apparently) come from snap apps.
The patch is viewable online here: https://sources.debian.org/patches/malcontent/0.13.1-5/all_apps.patch/ The bug was discovered/diagnosed in the upstream issue here: https://gitlab.freedesktop.org/pwithnall/malcontent/-/issues/136 The patch calls `g_app_info_get_commandline()` in three places. The first call correctly has a `NULL` check. The other two do not, and proceed to treat the returned value as if it’s unconditionally non-`NULL`. --- Given that the patch says it’s for `Bug: https://gitlab.freedesktop.org/pwithnall/malcontent/-/issues/58`, it’s disappointing that the patch wasn’t submitted upstream even though I said I was open to such contributions (https://gitlab.freedesktop.org/pwithnall/malcontent/-/issues/58#note_2035099). Review upstream may have caught this issue.
signature.asc
Description: This is a digitally signed message part
