Fix CVE-2017-11590: https://bugzilla.gnome.org/show_bug.cgi?id=785479 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11590 Patch copied from upstream source repository: https://git.gnome.org/browse/libgxps/commit/?id=9d5d292055250ed298f3b89dc332d6db4003a031 From 9d5d292055250ed298f3b89dc332d6db4003a031 Mon Sep 17 00:00:00 2001 From: Marek Kasik Date: Wed, 26 Jul 2017 16:23:37 +0200 Subject: archive: Check for pathname being NULL before dereferencing Check whether "archive_entry_pathname ()" returns a non-NULL pathname before using it to avoid a NULL pointer being dereferenced. https://bugzilla.gnome.org/show_bug.cgi?id=785479 --- libgxps/gxps-archive.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libgxps/gxps-archive.c b/libgxps/gxps-archive.c index acf8d7d..e763773 100644 --- a/libgxps/gxps-archive.c +++ b/libgxps/gxps-archive.c @@ -257,6 +257,7 @@ gxps_archive_initable_init (GInitable *initable, GXPSArchive *archive; ZipArchive *zip; struct archive_entry *entry; + const gchar *pathname; archive = GXPS_ARCHIVE (initable); @@ -281,7 +282,9 @@ gxps_archive_initable_init (GInitable *initable, while (gxps_zip_archive_iter_next (zip, &entry)) { /* FIXME: We can ignore directories here */ - g_hash_table_add (archive->entries, g_strdup (archive_entry_pathname (entry))); + pathname = archive_entry_pathname (entry); + if (pathname != NULL) + g_hash_table_add (archive->entries, g_strdup (pathname)); archive_read_data_skip (zip->archive); } -- cgit v0.12