Bug 730005 – Avoid Possible Null Pointer in trio.c

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 730005 - Avoid Possible Null Pointer in trio.c


Summary:	Avoid Possible Null Pointer in trio.c


Status:	RESOLVED FIXED

Product:	libxml2
Classification:	Platform
Component:	general
Version:	git master
Hardware:	Other Linux

Importance:	Normal major
Target Milestone:	---
Assigned To:	Daniel Veillard
QA Contact:	libxml QA maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2014-05-12 11:51 UTC by Gaurav
Modified:	2014-07-14 13:24 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
Avoid Possible null pointer dereference in trio.c (765 bytes, patch) 2014-05-12 11:51 UTC, Gaurav	none	Details \| Review

Description Gaurav 2014-05-12 11:51:30 UTC

Created attachment 276375 [details] [review]
Avoid Possible null pointer dereference in trio.c

In file :
https://git.gnome.org/browse/libxml2/tree/trio.c

TRIO_PRIVATE void
TrioInStreamFile
TRIO_ARGS2((self, intPointer),
	   trio_class_t *self,
	   int *intPointer)
{
  FILE *file = (FILE *)self->location;

  assert(VALID(self));
  assert(VALID(file));


and 

TRIO_PRIVATE void
TrioInStreamFileDescriptor
TRIO_ARGS2((self, intPointer),
	   trio_class_t *self,
	   int *intPointer)
{
  int fd = *((int *)self->location);
  int size;
  unsigned char input;

  assert(VALID(self));



self is dereferenced before NULL check and  hence may create crash scenario.

Please apply attached patch.

Comment 1 Daniel Veillard 2014-07-14 13:24:18 UTC

Okay, asserts are a really bad idea in libxml2, but crashing is worse.
Applied as commit e036cb3160378d7c46f99434de07c065ebb05bc9

  thanks,

Daniel