[Xlog-discussion] NULL pointer deref in xlog 0.9.6

From: Nigel Horne
Subject: [Xlog-discussion] NULL pointer deref in xlog 0.9.6
Date: Wed, 2 Jun 2004 16:18:46 +0100
User-agent: KMail/1.6.2

There is a bug in xlog 0.9.6 which could cause Xlog to crash on startup on some
architectures.

The problem is in src/dxcc.c. At line 272 there is the following loop start:

    while (!feof (fp))

7 lines later this appears:

    if (ch == EOF) break;

However, this line will only break out of the loop starting on line 273:

    while (ch != 10)

So having read an EOF, the processing carries on with an empty buffer to line
290:

    split = g_strsplit (buf, " ", 2);

where, because split is now NULL (there was no 2nd element in buf since that is
empty), the next line crashes:

    g_ascii_strup(split[1], -1);

The fix is to add a second break thus:

while (!feof (fp))
{
while (ch != 10)
{
ch = fgetc (fp);
if (ch == EOF) break;
buf[ichar++] = ch;
}
+ if(feof(fp))
+ break;
buf[ichar] = '\0';
ichar = 0;
ch = 0;
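
Review bot: the added "if(feof(fp)) break;" after the inner loop tests a narrower condition than the one that ended that loop, and it throws away buffered data. fgetc() returns EOF on a read error as well as at end of file; on an error feof(fp) stays false, so this break is skipped, the outer "while (!feof (fp))" keeps running, and every pass still reaches the g_strsplit code with an empty buf. When the file's last line has no trailing newline, the bytes already copied into buf are dropped by the break instead of being processed. Suggest breaking on "ch == EOF && ichar == 0" here, so a final unterminated line is still handled and an error also ends the loop. Separately, "buf[ichar++] = ch;" in the context lines writes with no bound on ichar; a length check belongs in the same change.
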
--
Nigel Horne. Arranger, Composer, Typesetter.
NJH Music, Barnsley, UK. ICQ#20252325
address@hidden http://www.bandsman.co.uk
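
The read loop discussed in the message above, as an added example that is not part of the original post or of Xlog's source: it treats EOF and read errors the same way, still processes a last line without a trailing newline, bounds the buffer write, and checks that a second field exists before using it. The names count_records, count_in_text and BUF_LEN are hypothetical, and strchr stands in for g_strsplit so the block builds without GLib.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 64 /* assumed size; the buffer size in dxcc.c is not shown in the post */

/* Hypothetical helper: reads "key value" records, one per line, and returns
 * the number of well-formed records, or -1 on a read error. */
int count_records(FILE *fp)
{
    char buf[BUF_LEN];
    size_t ichar = 0;
    int ch, records = 0; /* ch is an int so EOF stays distinct from data bytes */

    for (;;) {
        ch = fgetc(fp);
        if (ch != EOF && ch != '\n') {
            if (ichar < sizeof buf - 1) /* bound the write; excess bytes are dropped */
                buf[ichar++] = (char)ch;
            continue;
        }
        buf[ichar] = '\0';
        /* Use a record only when its second field exists: the check the
         * crashing code lacked before touching split[1]. */
        char *sep = strchr(buf, ' ');
        if (ichar > 0 && sep != NULL && sep[1] != '\0')
            records++;
        ichar = 0;
        if (ch == EOF) /* covers both end of file and read errors */
            return ferror(fp) ? -1 : records;
    }
}

/* Writes constructed sample input to a temporary file and counts its records. */
int count_in_text(const char *text)
{
    FILE *fp = tmpfile();
    if (fp == NULL)
        return -1;
    fputs(text, fp);
    rewind(fp);
    int n = count_records(fp);
    fclose(fp);
    return n;
}

int main(void)
{
    printf("%d\n", count_in_text("G England\nF France")); /* constructed input */
    return 0;
}
```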