diff options
author | Adam Wolk <awolk@openbsd.org> | 2016-04-18 18:42:08 +0200 |
---|---|---|
committer | Adam Wolk <awolk@openbsd.org> | 2016-04-18 18:42:08 +0200 |
commit | c6d886dad40c66cd4d363745ef240914f4dfc937 (patch) | |
tree | 6d873f37891bb27235c70fb89f42df4c65350646 | |
parent | b2b99e86f09d30c94c95913bff5f75e27a86697a (diff) | |
download | libproxy-git-c6d886dad40c66cd4d363745ef240914f4dfc937.tar.gz |
Fix #24 NULL pointer dereference in ignore_ip.cpp line 151
Qt5 started to use libproxy and this exposed a crashing bug on OpenBSD
when using Qt5 applications on Gnome 3.
Here's a sample backtrace:
https://gist.github.com/mulander/c03997ae7e3fe4e30af0d4f2ce2965f0
The issue is caused by an unguarded dereference of ign_ip.
Other parts of the code properly expect that sockaddr_from_string
might return null and guard against it.
Adding a proper guard prevents a segfault both in OpenBSD
www/otter-browser and devel/zeal.
-rw-r--r-- | libproxy/modules/ignore_ip.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libproxy/modules/ignore_ip.cpp b/libproxy/modules/ignore_ip.cpp index 709a08d..9f795c4 100644 --- a/libproxy/modules/ignore_ip.cpp +++ b/libproxy/modules/ignore_ip.cpp @@ -147,7 +147,7 @@ public: else { /* If CIDR notation was used, get the netmask */ - if (sscanf(mask.c_str(), "%d", &cidr) == 1) + if (ign_ip && sscanf(mask.c_str(), "%d", &cidr) == 1) net_ip = sockaddr_from_cidr(ign_ip->sa_family, cidr); } |