[tracker: 1/21] tracker-monitor: Prevent stack smashing



commit f36b07fd28b0a8ad5d5e8e6eb5aaf1692db15b40
Author: Andrea Azzarone <andrea azzarone canonical com>
Date:   Fri Jan 18 16:14:57 2019 +0000

    tracker-monitor: Prevent stack smashing
    
    Make sure to use GPOINTER_TO_UINT when using g_hash_table_lookup_extended() to
    prevent stack smashing. This will make sure that in the architectures where
    sizeof(GFileMonitorEvent) < sizeof(gpointer), g_hash_table_lookup_extended()
    will not write more bytes than prev_event_type can hold.
    
    Fixes: https://gitlab.gnome.org/GNOME/tracker/issues/71

 src/libtracker-miner/tracker-monitor.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
---
diff --git a/src/libtracker-miner/tracker-monitor.c b/src/libtracker-miner/tracker-monitor.c
index 6bbe3b315..ccf85976e 100644
--- a/src/libtracker-miner/tracker-monitor.c
+++ b/src/libtracker-miner/tracker-monitor.c
@@ -614,13 +614,15 @@ flush_cached_event (TrackerMonitor *monitor,
                     GFile          *file,
                     gboolean        is_directory)
 {
-       GFileMonitorEvent prev_event_type;
+       gpointer value = NULL;
        TrackerMonitorPrivate *priv;
 
        priv = tracker_monitor_get_instance_private (monitor);
 
        if (g_hash_table_lookup_extended (priv->cached_events,
-                                         file, NULL, (gpointer*) &prev_event_type)) {
+                                         file, NULL, &value)) {
+               GFileMonitorEvent prev_event_type = GPOINTER_TO_UINT (value);
+
                g_hash_table_remove (priv->cached_events, file);
                emit_signal_for_event (monitor, prev_event_type,
                                       is_directory, file, NULL);


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]