Bug 792351 – gbookmarkfile: check length before dereferencing groups

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 792351 - gbookmarkfile: check length before dereferencing groups


Summary:	gbookmarkfile: check length before dereferencing groups


Status:	RESOLVED FIXED

Product:	glib
Classification:	Platform
Component:	general
Version:	unspecified
Hardware:	Other All

Importance:	Normal normal
Target Milestone:	---
Assigned To:	gtkdev
QA Contact:	gtkdev

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2018-01-09 06:13 UTC by Christian Hergert
Modified:	2018-01-09 23:31 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
gbookmarkfile: check length before dereferencing groups (1017 bytes, patch) 2018-01-09 06:13 UTC, Christian Hergert	committed	Details \| Review

Description Christian Hergert 2018-01-09 06:13:51 UTC

There is no requirement that groups is NULL terminated, so we should check
that the bounds are within the specified length before checking for a
NULL terminating value.

Comment 1 Christian Hergert 2018-01-09 06:13:57 UTC

Created attachment 366529 [details] [review]
gbookmarkfile: check length before dereferencing groups

Comment 2 Philip Withnall 2018-01-09 10:11:42 UTC

Review of attachment 366529 [details] [review]:

++, please also push to glib-2-54.