Potential Null dereference #172

Closed
ManSoSec opened this issue Dec 11, 2019 · 2 comments

@ManSoSec

I think a null check on dwg->dwg_class is missing here:

libredwg/src/print.c

Lines 588 to 594 in 785df5f

```c
if (i > 0 && i < (int)dwg->num_classes)
  {
    klass = &dwg->dwg_class[i];
    is_entity = klass ? dwg_class_is_entity (klass) : 0;
  }
// properly dwg_decode_object/_entity for eed, reactors, xdic
if (klass && !is_entity)
```

While it is done here, which is a similar case:

libredwg/src/free.c

Lines 727 to 732 in 785df5f

```c
if (dwg->dwg_class && i >= 0 && i < (int)dwg->num_classes)
  {
    klass = &dwg->dwg_class[i];
    is_entity = klass ? dwg_class_is_entity (klass) : 0;
  }
if (klass && !is_entity)
```

@rurban rurban self-assigned this Dec 25, 2019
@rurban
Contributor

rurban commented Dec 26, 2019

make scan-build complains about 6 of those.

@rurban
Contributor

rurban commented Dec 26, 2019

Only with free we could have freed dwg->dwg_class already. Will not happen with print, where num_classes will be 0 then.

@rurban rurban closed this as completed Dec 26, 2019
@rurban rurban added this to the 0.10 milestone Jan 6, 2020
@rurban rurban added the fuzzing Intentional illegal input label Jan 16, 2020
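
The count/pointer relationship discussed in this thread, as an added example that is not part of the issue and is not libredwg code: a lookup that checks both the array pointer and the index range, and a free routine that resets the count together with the pointer. The `demo_*` names and types are hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-ins for this example; not libredwg's types. */
typedef struct { int is_entity; } demo_class;
typedef struct {
  demo_class *classes;  /* may be NULL */
  unsigned num_classes; /* intended invariant: 0 whenever classes == NULL */
} demo_doc;

/* Allocate n zeroed classes; the count is only set if the array exists. */
static int demo_init (demo_doc *doc, unsigned n)
{
  doc->classes = n ? calloc (n, sizeof (demo_class)) : NULL;
  doc->num_classes = doc->classes ? n : 0;
  return (n && !doc->classes) ? -1 : 0;
}

/* Guarded lookup: checks the pointer as well as the index range, so it
   stays safe even when the invariant above has been broken. Testing the
   result of &doc->classes[i] against NULL afterwards is not a substitute:
   with classes == NULL the arithmetic is already undefined behaviour and
   in practice gives a small non-NULL address for i > 0. */
static demo_class *demo_class_at (const demo_doc *doc, int i)
{
  if (!doc || !doc->classes || i < 0 || i >= (int)doc->num_classes)
    return NULL;
  return &doc->classes[i];
}

/* Release the array and reset the count in one place, so later callers
   that only test the index range still see an empty table. */
static void demo_free_classes (demo_doc *doc)
{
  free (doc->classes);
  doc->classes = NULL;
  doc->num_classes = 0;
}

int main (void)
{
  demo_doc d;
  if (demo_init (&d, 3) != 0)
    return 1;
  demo_class *k = demo_class_at (&d, 1); /* in range: non-NULL */
  demo_free_classes (&d);
  /* After the free, every lookup must report "no class". */
  return (k != NULL && demo_class_at (&d, 1) == NULL) ? 0 : 1;
}
```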