commit 558b9cc3bc6961d26104cf726fe148f58ba36940
Author:     Laslo Hunhold <[email protected]>
AuthorDate: Sun Nov 13 09:12:25 2022 +0100
Commit:     Laslo Hunhold <[email protected]>
CommitDate: Sun Nov 13 09:12:25 2022 +0100

    Prevent two theoretical null-pointer-dereferences in gen/util.c
    
    This was found using static analysis and is not a security issue given
    this is in the generating code, so the runtime is not affected. The worst that
    could've happened beforehand is that the generating code segfaults and
    produces garbage tables which would lead to compilation failure.
    
    Signed-off-by: Laslo Hunhold <[email protected]>

diff --git a/gen/util.c b/gen/util.c
index ee36fa3..01d42db 100644
--- a/gen/util.c
+++ b/gen/util.c
@@ -602,7 +602,7 @@ properties_generate_break_property(const struct 
property_spec *spec,
 
 static int
 break_test_callback(const char *fname, char **field, size_t nfields,
-                      char *comment, void *payload)
+                    char *comment, void *payload)
 {
        struct break_test *t,
                **test = ((struct break_test_payload *)payload)->test;
@@ -668,7 +668,7 @@ break_test_callback(const char *fname, char **field, size_t 
nfields,
                        }
                }
        }
-       if (t->len[t->lenlen - 1] == 0) {
+       if (t->lenlen > 0 && t->len[t->lenlen - 1] == 0) {
                /*
                 * we allocated one more length than we needed because
                 * the breakpoint was at the end
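Review bot: With the new guard, a test whose `t->lenlen` is 0 skips the trim and carries on as if it were valid, so an entry with no segments would end up in the generated tables. Since this is generator code reading data files, an empty test most likely means malformed input, and failing loudly is more useful than emitting it: `if (t->lenlen == 0) { fprintf(stderr, "break_test_callback: empty test.\n"); return 1; }` ahead of this check. If empty tests are legitimate, a short comment on the guard explaining that `t->lenlen - 1` would otherwise index before the start of `t->len` would help the next reader. The declaration of `lenlen` and the rest of the function body are outside this hunk.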
@@ -677,7 +677,8 @@ break_test_callback(const char *fname, char **field, size_t 
nfields,
        }
 
        /* store comment */
-       if (((*test)[*testlen - 1].descr = strdup(comment)) == NULL) {
+       if (comment != NULL &&
+           ((*test)[*testlen - 1].descr = strdup(comment)) == NULL) {
                fprintf(stderr, "break_test_callback: strdup: %s.\n",
                        strerror(errno));
                return 1;
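Review bot: When `comment` is NULL the new condition short-circuits before the assignment, so `(*test)[*testlen - 1].descr` is never written on that path. The allocation of the element is outside this hunk; if it comes from `malloc`/`realloc` without zeroing, `descr` is left indeterminate and any later code that prints or frees it reads a garbage pointer. Setting it explicitly first removes the doubt: `(*test)[*testlen - 1].descr = NULL;` before the `if`. Consumers of `descr` should then tolerate NULL. The same expression also assumes `*testlen > 0`, which is worth confirming against the code above the hunk.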
