[tracker/tracker-0.8] libtracker-fts: Avoid possible NULL dereference



commit 43d3ff1a879a2e33838b492bacacd07a22d4ae91
Author: Aleksander Morgado <aleksander lanedo com>
Date:   Mon Jul 12 15:07:25 2010 +0200

    libtracker-fts: Avoid possible NULL dereference

 src/libtracker-fts/tracker-fts.c |   39 +++++++++++++++++++++++++------------
 1 files changed, 26 insertions(+), 13 deletions(-)
---
diff --git a/src/libtracker-fts/tracker-fts.c b/src/libtracker-fts/tracker-fts.c
index fd04544..dc92a8a 100644
--- a/src/libtracker-fts/tracker-fts.c
+++ b/src/libtracker-fts/tracker-fts.c
@@ -4397,7 +4397,12 @@ static int tokenizeSegment(
 	&& pToken[2]=='a'
 	&& pToken[3]=='r'
     ){
-      QueryTerm *pTerm = &pQuery->pTerms[pQuery->nTerms-1];
+      QueryTerm *pTerm;
+
+      /* Make sure pQuery->pTerms is non-NULL */
+      g_return_val_if_fail (pQuery->pTerms, SQLITE_ERROR);
+
+      pTerm = &pQuery->pTerms[pQuery->nTerms-1];
       if( (iBegin+6)<nSegment
        && pSegment[iBegin+4] == '/'
        && pSegment[iBegin+5]>='0' && pSegment[iBegin+5]<='9'
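Review bot: The guard `g_return_val_if_fail (pQuery->pTerms, SQLITE_ERROR);` added before `pTerm = &pQuery->pTerms[pQuery->nTerms-1];` is a GLib precondition macro, so it logs a critical warning and is compiled out entirely when GLib is built with `G_DISABLE_CHECKS`, leaving the NULL dereference reachable in such builds. Because a comment in parseQuery says the query text may be user input, an ordinary runtime check fits better: `if( pQuery->pTerms==NULL ) return SQLITE_ERROR;`. The same applies to the two later guards in tokenizeSegment, after `queryAdd` and before `pQuery->pTerms[firstIndex]`. The condition that opens this branch starts outside the hunk, so it cannot be confirmed here that `pQuery->nTerms>0` holds for the `nTerms-1` index.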
@@ -4436,6 +4441,10 @@ static int tokenizeSegment(
     }
 
     queryAdd(pQuery, pToken, nToken);
+
+    /* After queryAdd, make sure pQuery->pTerms is non-NULL */
+    g_return_val_if_fail (pQuery->pTerms, SQLITE_ERROR);
+
     if( !inPhrase && iBegin>0) {
 
    //  printf("first char is %c, prev char is %c\n", pSegment[iBegin], pSegment[iBegin-1]);
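Review bot: The early return added after `queryAdd(pQuery, pToken, nToken);` leaves the token loop directly, so it bypasses whatever tokenizeSegment does at its normal exit. The function's start and end are outside this hunk, so this needs checking against the full body. If anything is acquired before the loop, the failure should go through the common exit path, for example by recording the error in a local result code and using `break` instead of returning here. The guard in the NEAR branch earlier in the function has the same shape.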
@@ -4454,6 +4463,7 @@ static int tokenizeSegment(
   }
 
   if( inPhrase && pQuery->nTerms>firstIndex ){
+    g_return_val_if_fail (pQuery->pTerms, SQLITE_ERROR);
     pQuery->pTerms[firstIndex].nPhrase = pQuery->nTerms - firstIndex - 1;
   }
 
@@ -4473,8 +4483,6 @@ static int parseQuery(
   Query *pQuery		   /* Write the parse results here. */
 ){
   int iInput, inPhrase = 0;
-  int ii;
-  QueryTerm *aTerm;
 
   if( zInput==0 ) nInput = 0;
   if( nInput<0 ) nInput = strlen(zInput);
@@ -4505,16 +4513,21 @@ static int parseQuery(
        do not report error as this may be user input */
   }
 
-  /* Modify the values of the QueryTerm.nPhrase variables to account for
-  ** the NEAR operator. For the purposes of QueryTerm.nPhrase, phrases
-  ** and tokens connected by the NEAR operator are handled as a single
-  ** phrase. See comments above the QueryTerm structure for details.
-  */
-  aTerm = pQuery->pTerms;
-  for(ii=0; ii<pQuery->nTerms; ii++){
-    if( aTerm[ii].nNear || aTerm[ii].nPhrase ){
-      while (aTerm[ii+aTerm[ii].nPhrase].nNear) {
-	aTerm[ii].nPhrase += (1 + aTerm[ii+aTerm[ii].nPhrase+1].nPhrase);
+  if (pQuery->pTerms) {
+    QueryTerm *aTerm;
+    int ii;
+
+    /* Modify the values of the QueryTerm.nPhrase variables to account for
+    ** the NEAR operator. For the purposes of QueryTerm.nPhrase, phrases
+    ** and tokens connected by the NEAR operator are handled as a single
+    ** phrase. See comments above the QueryTerm structure for details.
+    */
+    aTerm = pQuery->pTerms;
+    for(ii=0; ii<pQuery->nTerms; ii++){
+      if( aTerm[ii].nNear || aTerm[ii].nPhrase ){
+        while (aTerm[ii+aTerm[ii].nPhrase].nNear) {
+          aTerm[ii].nPhrase += (1 + aTerm[ii+aTerm[ii].nPhrase+1].nPhrase);
+        }
       }
     }
   }
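Review bot: The new `if (pQuery->pTerms)` guard covers the NULL case, but the inner `while` still indexes `aTerm[ii+aTerm[ii].nPhrase]` and `aTerm[ii+aTerm[ii].nPhrase+1]` without comparing either index against `pQuery->nTerms`. If a term near the end of the array has `nNear` set, the loop reads past the allocation; whether tokenizeSegment rules that out is not visible here, and the comment above says the input may be user-supplied. Bounding the loop makes it safe regardless of that invariant: `while( ii+aTerm[ii].nPhrase+1<pQuery->nTerms && aTerm[ii+aTerm[ii].nPhrase].nNear ){`.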


