49 lines
1.5 KiB
Diff
49 lines
1.5 KiB
Diff
|
From e86dd776552224dfc06818b45257066d4ed5bb25 Mon Sep 17 00:00:00 2001
|
|||
|
|
From: Philip Withnall <withnall@endlessm.com>
|
|||
|
|
Date: Wed, 10 Jun 2020 13:26:14 +0100
|
|||
|
|
Subject: [PATCH 0631/1095] gfileutils: Correct operator precedence to avoid
|
|||
|
|
undefined pointer maths
|
|||
|
|
MIME-Version: 1.0
|
|||
|
|
Content-Type: text/plain; charset=UTF-8
|
|||
|
|
Content-Transfer-Encoding: 8bit
|
|||
|
|
|
|||
|
|
`base` can be `-1` in some situations, which would lead to pointing
|
|||
|
|
outside an allocation area if the sums were evaluated as `(file_name +
|
|||
|
|
base) + 1` rather than `file_name + (base + 1)`.
|
|||
|
|
|
|||
|
|
I don’t see how this can practically cause an issue, as the arithmetic
|
|||
|
|
is all finished before anything’s dereferenced, but let’s keep to the
|
|||
|
|
letter of the C standard to avoid this coming up in code audits in
|
|||
|
|
future.
|
|||
|
|
|
|||
|
|
Fix suggested by fablhx.
|
|||
|
|
|
|||
|
|
Signed-off-by: Philip Withnall <withnall@endlessm.com>
|
|||
|
|
|
|||
|
|
Closes: #2077
|
|||
|
|
|
|||
|
|
reason: Correct operator precedence to avoid undefined pointer maths
|
|||
|
|
|
|||
|
|
Conflict:NA
|
|||
|
|
Reference:https://github.com/GNOME/glib/commit/e86dd776552224dfc06818b45257066d4ed5bb25
|
|||
|
|
---
|
|||
|
|
glib/gfileutils.c | 2 +-
|
|||
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|||
|
|
|
|||
|
|
diff --git a/glib/gfileutils.c b/glib/gfileutils.c
|
|||
|
|
index f0799e2..ede22b8 100644
|
|||
|
|
--- a/glib/gfileutils.c
|
|||
|
|
+++ b/glib/gfileutils.c
|
|||
|
|
@@ -2397,7 +2397,7 @@ g_path_get_basename (const gchar *file_name)
|
|||
|
|
|
|||
|
|
len = last_nonslash - base;
|
|||
|
|
retval = g_malloc (len + 1);
|
|||
|
|
- memcpy (retval, file_name + base + 1, len);
|
|||
|
|
+ memcpy (retval, file_name + (base + 1), len);
|
|||
|
|
retval [len] = '\0';
|
|||
|
|
|
|||
|
|
return retval;
|
|||
|
|
--
|
|||
|
|
1.8.3.1
|
|||
|
|
|