Bug 707750 – NULL pointer dereferenced in tree.c

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 707750 - NULL pointer dereferenced in tree.c


Summary:	NULL pointer dereferenced in tree.c


Status:	RESOLVED FIXED

Product:	libxml2
Classification:	Platform
Component:	general
Version:	git master
Hardware:	Other Linux

Importance:	Normal critical
Target Milestone:	---
Assigned To:	Daniel Veillard
QA Contact:	libxml QA maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2013-09-09 08:38 UTC by Gaurav
Modified:	2013-09-11 07:13 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
Fixing Null pointer dereference. (398 bytes, patch) 2013-09-09 08:38 UTC, Gaurav	none	Details \| Review

Description Gaurav 2013-09-09 08:38:58 UTC

Created attachment 254448 [details] [review]
Fixing Null pointer dereference.

In below code:


if (clone->parent != NULL)
		clone->parent->last = clone;
	    clone = clone->parent;
	    parentClone = clone->parent;

after if condition, clone->parent can be NULL.
If it is NULL, it is assigned to clone in next statement. So, now clone is NULL after second statement.
Third statement, directly dereferences clone, which is NULL after second statement. It may cause crash.

Attached patch fixes this issue.

Comment 1 Daniel Veillard 2013-09-11 07:13:42 UTC

Okay agreed with report and patch though I prefer to fix this in a simpler
way:

https://git.gnome.org/browse/libxml2/commit/?id=75d13092f2886176fa8e8f354eb8a0e51f7409fd

  thanks !

Daniel