diff options
| author | Evgeny Vereshchagin <evvers@ya.ru> | 2022-10-09 07:53:02 +0000 |
|---|---|---|
| committer | Evgeny Vereshchagin <evvers@ya.ru> | 2022-10-10 16:25:55 +0000 |
| commit | ae03bcdb1116a953d4d33661cf878e68cdfbb9fd (patch) | |
| tree | 54f47c09334b5f325c607ced127b74902e44dfde /bus | |
| parent | fd650a70078efb237a463fa265b0bd7d5a1e6ba4 (diff) | |
| download | dbus-ae03bcdb1116a953d4d33661cf878e68cdfbb9fd.tar.gz | |
config-parser: no longer get past the last NULL passed to locate_attributes
Fixes: bc86794f23fa53
Fixes:
```
==302818==ERROR: AddressSanitizer: stack-buffer-underflow on address 0x7ffd6ac253c0 at pc 0x000000534d0b bp 0x7ffd6ac24e10 sp 0x7ffd6ac24e08
READ of size 8 at 0x7ffd6ac253c0 thread T0
#0 0x534d0a in locate_attributes /home/vagrant/dbus/build/../bus/config-parser.c:658:16
#1 0x52ea3f in start_busconfig_child /home/vagrant/dbus/build/../bus/config-parser.c:1080:12
#2 0x52cca4 in bus_config_parser_start_element /home/vagrant/dbus/build/../bus/config-parser.c:2039:14
#3 0x52b82b in expat_StartElementHandler /home/vagrant/dbus/build/../bus/config-loader-expat.c:107:8
#4 0x7f2179f2d2bd (/lib64/libexpat.so.1+0xd2bd) (BuildId: 0165eed77c910f6ef2227d21afa9c5c5ed5849c2)
#5 0x7f2179f2aed3 (/lib64/libexpat.so.1+0xaed3) (BuildId: 0165eed77c910f6ef2227d21afa9c5c5ed5849c2)
#6 0x7f2179f2c9ec (/lib64/libexpat.so.1+0xc9ec) (BuildId: 0165eed77c910f6ef2227d21afa9c5c5ed5849c2)
#7 0x7f2179f30a8e in XML_ParseBuffer (/lib64/libexpat.so.1+0x10a8e) (BuildId: 0165eed77c910f6ef2227d21afa9c5c5ed5849c2)
#8 0x52b040 in bus_config_load /home/vagrant/dbus/build/../bus/config-loader-expat.c:259:9
#9 0x523c8a in bus_context_new /home/vagrant/dbus/build/../bus/bus.c:828:12
#10 0x521056 in main /home/vagrant/dbus/build/../bus/main.c:716:13
#11 0x7f2179a2954f in __libc_start_call_main (/lib64/libc.so.6+0x2954f) (BuildId: 9c5863396a11aab52ae8918ae01a362cefa855fe)
#12 0x7f2179a29608 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x29608) (BuildId: 9c5863396a11aab52ae8918ae01a362cefa855fe)
#13 0x42a914 in _start (/home/vagrant/dbus/build/bus/dbus-daemon+0x42a914) (BuildId: df5369f85137975aff9bd398ae859706cc3c52ff)
Address 0x7ffd6ac253c0 is located in stack of thread T0 at offset 0 in frame
#0 0x52cfaf in start_busconfig_child /home/vagrant/dbus/build/../bus/config-parser.c:733
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Diffstat (limited to 'bus')
| -rw-r--r-- | bus/config-parser.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/bus/config-parser.c b/bus/config-parser.c index f9b70477..9f2e3c79 100644 --- a/bus/config-parser.c +++ b/bus/config-parser.c @@ -642,10 +642,11 @@ locate_attributes (BusConfigParser *parser, va_start (args, first_attribute_retloc); name = va_arg (args, const char*); - retloc = va_arg (args, const char**); + retloc = NULL; while (name != NULL) { + retloc = va_arg (args, const char**); _dbus_assert (retloc != NULL); _dbus_assert (n_attrs < MAX_ATTRS); @@ -655,7 +656,6 @@ locate_attributes (BusConfigParser *parser, *retloc = NULL; name = va_arg (args, const char*); - retloc = va_arg (args, const char**); } va_end (args); |