[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 01/10] argp-parse.c (__argp_input): Don't crash if pstate
|
From: |
Bruno Haible |
|
Subject: |
Re: [PATCH v2 01/10] argp-parse.c (__argp_input): Don't crash if pstate is NULL |
|
Date: |
Tue, 07 Dec 2021 14:37:00 +0100 |
Robbie Harwood wrote:
> From: Colin Watson <cjwatson@ubuntu.com>
>
> [rharwood@redhat.com: tweaked commit message]
> Signed-off-by: Robbie Harwood <rharwood@redhat.com>
> ---
> lib/argp-parse.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/argp-parse.c b/lib/argp-parse.c
> index 053495ec0..4f1c65d73 100644
> --- a/lib/argp-parse.c
> +++ b/lib/argp-parse.c
> @@ -940,7 +940,7 @@ weak_alias (__argp_parse, argp_parse)
> void *
> __argp_input (const struct argp *argp, const struct argp_state *state)
> {
> - if (state)
> + if (state && state->pstate)
> {
> struct group *group;
> struct parser *parser = state->pstate;
I don't think this patch is needed, because:
1) The application cannot construct a 'struct argp_state' by itself, since [1]
says that the 'struct argp_state' contains a member 'pstate' that is
"Private, for use by the argp implementation.".
2) The only place in the gnulib / glibc code where a 'struct argp_state' is
being constructed, is in function parser_init, invoked from 'argp_parse',
and there a non-NULL value is assigned.
In other words, there is no way, compliant with the documented API, that a
NULL pointer can arise as state->pstate.
Bruno
[1] https://www.gnu.org/software/libc/manual/html_node/Argp-Parsing-State.html
[PATCH v2 04/10] Fix width computation, Robbie Harwood, 2021/12/01
[PATCH v2 03/10] gnulib/regexec: Resolve unused variable, Robbie Harwood, 2021/12/01
[PATCH v2 02/10] gnulib/regexec: Fix possible null-dereference, Robbie Harwood, 2021/12/01