bug-gnulib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 03/11] gnulib/regexec: Fix possible null-dereference

From: Robbie Harwood
Subject: [PATCH 03/11] gnulib/regexec: Fix possible null-dereference
Date: Mon, 25 Oct 2021 17:55:36 -0400 
From: Darren Kenny <darren.kenny@oracle.com>

It appears to be possible that the mctx->state_log field may be NULL,
and the name of this function, clean_state_log_if_needed(), suggests
that it should be checking that it is valid to be cleaned before
assuming that it does.

Fixes: CID 86720

Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
---
 lib/regexec.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/regexec.c b/lib/regexec.c
index 6aeba3c0b..e48fe5333 100644
--- a/lib/regexec.c
+++ b/lib/regexec.c
@@ -1675,6 +1675,9 @@ clean_state_log_if_needed (re_match_context_t *mctx, Idx 
next_state_log_idx)
 {
   Idx top = mctx->state_log_top;
 
+  if (mctx->state_log == NULL)
+    return REG_NOERROR;
+
   if ((next_state_log_idx >= mctx->input.bufs_len
        && mctx->input.bufs_len < mctx->input.len)
       || (next_state_log_idx >= mctx->input.valid_len
-- 
2.33.0
reply via email to
[Prev in Thread] Current Thread [Next in Thread]