xlog-discussion

Re: [Xlog-discussion] NULL pointer deref in xlog 0.9.6


From: Joop Stakenborg
Subject: Re: [Xlog-discussion] NULL pointer deref in xlog 0.9.6
Date: Wed, 02 Jun 2004 21:14:45 +0200
User-agent: Mozilla Thunderbird 0.6 (X11/20040528)

Nigel Horne wrote:
There is a bug in xlog 0.9.6 which could cause Xlog to crash on startup on some architectures.

The problem is in src/dxcc.c. At line 272 there is the following loop start:
        while (!feof (fp))

7 lines later this appears:
        if (ch == EOF) break;
However this line will only break out of the loop starting on line 273:
                while (ch != 10)

So having read an EOF the processing carries on with an empty buffer to line 290:
                split = g_strsplit (buf, " ", 2);


Where because split is now NULL (there was no 2nd element in buf since that is empty) the next line crashes:
        g_ascii_strup(split[1], -1);

The fix is to add a second break thus:

        while (!feof (fp))
        {
                while (ch != 10)
                {
                        ch = fgetc (fp);
                        if (ch == EOF) break;
                        buf[ichar++] = ch;
                }
+               if(feof(fp))
+                       break;
                buf[ichar] = '\0';
                ichar = 0;
                ch = 0;
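
Review bot: the added `if(feof(fp))` test after the inner loop does not cover a read error. fgetc() also returns EOF when the stream's error indicator is set, and then feof(fp) stays false, so the inner loop leaves through `if (ch == EOF) break;`, the new test is skipped, and the empty buffer still reaches the g_strsplit()/split[1] lines quoted above; because `ch = 0;` resets the state and `while (!feof (fp))` remains true, the outer loop can then repeat indefinitely. Testing `ch == EOF` at this point (or adding ferror(fp) to the condition) handles both cases. In the same lines, breaking unconditionally at end of file drops a final record that has no trailing newline, so consider processing the buffer when ichar is greater than 0, and `buf[ichar++] = ch;` has no upper bound on ichar, so a long line can write past the end of buf. A check that split[1] exists before g_ascii_strup() would also cover any line without a space, not only the one at end of file.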



Hi Nigel,

thanks for sharing. I will add your fix to the next release. It might be a while though, because I am going on holiday shortly....

Regards,
Joop PG4I
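
The loop pattern discussed in this message, written so that EOF, a missing final newline, an overlong line and a record without a second field are all handled. This is an added example, not xlog's code: it uses plain C instead of GLib, and `REC_LEN`, `read_record`, `count_valid_records` and `count_in_text` are hypothetical names; the sample input is constructed.

```c
#include <stdio.h>
#include <string.h>
#define REC_LEN 128  /* assumed size; the real buf size in dxcc.c is not shown */

/* Read one '\n'-terminated record. Returns 0 only when EOF (end of file or
   read error) arrives before any byte of a record, 1 otherwise. */
static int read_record(FILE *fp, char *buf, size_t cap)
{
    size_t n = 0;
    int ch;                       /* int, so EOF is distinct from data bytes */
    while ((ch = fgetc(fp)) != EOF && ch != '\n')
        if (n + 1 < cap)          /* truncate overlong input, never overflow */
            buf[n++] = (char)ch;
    buf[n] = '\0';
    return !(ch == EOF && n == 0);
}

/* Count records with a non-empty second space-separated field, the field
   the quoted code hands to g_ascii_strup(). Others are skipped, not used. */
int count_valid_records(FILE *fp)
{
    char buf[REC_LEN];
    int valid = 0;
    while (read_record(fp, buf, sizeof buf)) {
        const char *sp = strchr(buf, ' ');
        if (sp != NULL && sp[1] != '\0')
            valid++;
    }
    return valid;
}

/* Demo helper: write constructed sample text to a temp file and count. */
int count_in_text(const char *text)
{
    FILE *fp = tmpfile();
    int n;
    if (fp == NULL) return -1;
    fputs(text, fp);
    rewind(fp);
    n = count_valid_records(fp);
    fclose(fp);
    return n;
}

int main(void)
{
    /* Constructed input: blank line, one-field line, no final newline. */
    printf("%d\n", count_in_text("PA Netherlands\n\nG\nDL Germany"));
    return 0;
}
```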



