[vala/0.36: 100/173] glib-2.0: Fix potential null pointer dereference in string.joinv()

From: Rico Tzschichholz <ricotz src gnome org>
To: commits-list gnome org
Cc:
Subject: [vala/0.36: 100/173] glib-2.0: Fix potential null pointer dereference in string.joinv()
Date: Fri, 9 Feb 2018 14:02:44 +0000 (UTC)

commit a7ee4ae8dccaee53ae6b9cb2d2873060f361c8a0
Author: Philip Withnall <withnall endlessm com>
Date:   Tue Dec 5 11:59:32 2017 +0000

    glib-2.0: Fix potential null pointer dereference in string.joinv()
    
    The logic in the ‘is the array null or empty’ check was disjunctive
    rather than conjunctive. If (str_array == null), the condition would
    have short-circuited and tried to evaluate str_array.length, which would
    have crashed.
    
    Coverity CID: #1462389 (spotted when scanning Tracker)
    
    https://bugzilla.gnome.org/show_bug.cgi?id=791257

 vapi/glib-2.0.vapi |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/vapi/glib-2.0.vapi b/vapi/glib-2.0.vapi
index 45b330b..7850e6d 100644
--- a/vapi/glib-2.0.vapi
+++ b/vapi/glib-2.0.vapi
@@ -1078,7 +1078,7 @@ public class string {
                if (separator == null) {
                        separator = "";
                }
-               if (str_array != null || str_array.length > 0 || (str_array.length == -1 && str_array[0] != 
null)) {
+               if (str_array != null && (str_array.length > 0 || (str_array.length == -1 && str_array[0] != 
null))) {
                        int i;
                        size_t len = 1;
                        for (i = 0 ; (str_array.length != -1 && i < str_array.length) || (str_array.length == 
-1 && str_array[i] != null) ; i++) {

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]