[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xlog-discussion] NULL pointer deref in in xlog 0.9.6

From: Joop Stakenborg
Subject: Re: [Xlog-discussion] NULL pointer deref in in xlog 0.9.6
Date: Wed, 02 Jun 2004 21:14:45 +0200
User-agent: Mozilla Thunderbird 0.6 (X11/20040528)

Nigel Horne wrote:
There is a bug in xlog0.9.6 which could cause Xlog to crash on startup on some 

The problem is in src/dxcc.c. At line 272 there is the following loop start:
        while (!feof (fp))

7 lines later this appears:
        if (ch == EOF) break;
However this line will only break out of the loop starting on line 273:
                while (ch != 10)

So having read an EOF the processing carries on with an empty buffer to lines 
                split = g_strsplit (buf, " ", 2);

Where because split is now NULL (there was no 2nd element in buf since that is 
the next line crashes:
        g_ascii_strup(split[1], -1);

The fix is to add a second break thus:

        while (!feof (fp))
                while (ch != 10)
                        ch = fgetc (fp);
                        if (ch == EOF) break;
                        buf[ichar++] = ch;
+               if(feof(fp))
+                       break;
                buf[ichar] = '\0';
                ichar = 0;
                ch = 0;

Hi Nigel,

thanks for sharing. I will add your fix to the next release. It might be a while though, because I am going on holiday shortly....

Joop PG4I

reply via email to

[Prev in Thread] Current Thread [Next in Thread]