Uploaded image for project: 'Xerces-C++'
  1. Xerces-C++
  2. XERCESC-2085

Crash in PSVIWriter due to strrchr returning NULL

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4
    • 3.2.0
    • Samples/Tests
    • None
    • Debian GNU/Linux amd64

    Description

      This was reported in Debian quite some time ago (I was not maintainer then). I have fixed it in Debian and am forwarding my patch.

      The original Debian bug report can be found at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715592

      PSVIWriter uses strrchr but does not properly handle a NULL return value, causing strcat to attempt to dereference a NULL pointer.

      My patch adds a check that the result of strrchr (for the '/' case) is not null before executing the strcat. The case for '
      ' is not affected because of the "greater than" check just prior.

      Attachments

        1. psviwriter_segfault.diff
          0.7 kB
          Bill Blough

        Activity

          People

            scantor Scott Cantor
            billblough Bill Blough
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: