[evolution-data-server] addressbook: Fix some potential NULL pointer dereferences with SQL



commit 391481b95bb88ca039e6f6c6ef57c81772c4ff4b
Author: Philip Withnall <philip withnall collabora co uk>
Date:   Mon May 19 14:23:19 2014 +0100

    addressbook: Fix some potential NULL pointer dereferences with SQL
    
    The PreflightContext.constraints field may be NULL, especially when
    calling query_preflight() with a newly-initialised context from
    PREFLIGHT_CONTEXT_INIT.
    
    Coverity issues: #1214492, #1214493
    
    https://bugzilla.gnome.org/show_bug.cgi?id=730373

 addressbook/libedata-book/e-book-sqlite.c |   13 +++++++++----
 1 files changed, 9 insertions(+), 4 deletions(-)
---
diff --git a/addressbook/libedata-book/e-book-sqlite.c b/addressbook/libedata-book/e-book-sqlite.c
index 6ae885b..45dd66a 100644
--- a/addressbook/libedata-book/e-book-sqlite.c
+++ b/addressbook/libedata-book/e-book-sqlite.c
@@ -3841,7 +3841,7 @@ typedef struct {
 
 typedef struct {
        PreflightStatus  status;         /* result status */
-       GPtrArray       *constraints;    /* main query */
+       GPtrArray       *constraints;    /* main query; may be NULL */
        guint64          aux_mask;       /* Bitmask of which auxiliary tables are needed in the query */
 } PreflightContext;
 
@@ -4407,8 +4407,13 @@ query_preflight_check (PreflightContext *context,
 
        context->status = PREFLIGHT_OK;
 
-       elements = (QueryElement **) context->constraints->pdata;
-       n_elements = context->constraints->len;
+       if (context->constraints != NULL) {
+               elements = (QueryElement **) context->constraints->pdata;
+               n_elements = context->constraints->len;
+       } else {
+               elements = NULL;
+               n_elements = 0;
+       }
 
        for (i = 0; i < n_elements; i++) {
                QueryFieldTest *test;
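Review bot: In query_preflight_check, the new `else` branch leaves `context->status` at `PREFLIGHT_OK` with zero elements examined, and nothing records that an absent constraint list is meant to pass the check. A short comment on that branch would settle it for the next reader, for example `/* No constraints (context fresh from PREFLIGHT_CONTEXT_INIT): nothing to check */`. The function continues past the end of this hunk, so later code may still change the status. It is worth confirming that nothing further down dereferences `context->constraints` directly instead of going through `elements`/`n_elements`.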
@@ -4651,7 +4656,7 @@ query_preflight_substitute_full_name (PreflightContext *context,
 {
        gint i, j;
 
-       for (i = 0; i < context->constraints->len; i++) {
+       for (i = 0; context->constraints != NULL && i < context->constraints->len; i++) {
                SummaryField *family_name, *given_name, *nickname;
                QueryElement *element;
                QueryFieldTest *test;
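Review bot: Folding the NULL test into the loop condition of query_preflight_substitute_full_name means it is re-evaluated on every iteration and reads as though `constraints` could become NULL mid-loop. A guard ahead of the loop states the intent more directly, e.g. `if (context->constraints == NULL)` followed by an early exit matching the function's return type, which is not visible in this hunk. The same line compares `gint i` against `GPtrArray`'s `guint len`, a signed/unsigned comparison that `-Wsign-compare` will flag. Declaring the index as `guint` would remove it, provided the rest of the body, which lies outside this hunk, does not rely on `i` being signed.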

