[goffice] Fuzzed file fix. [#750860]

From: Jean Bréfort <jbrefort src gnome org>
To: commits-list gnome org
Cc:
Subject: [goffice] Fuzzed file fix. [#750860]
Date: Wed, 17 Jun 2015 06:45:17 +0000 (UTC)
commit 8c84e679848af46a138474427ba3725f9d63f286
Author: Jean Brefort <jean brefort normalesup org>
Date:   Wed Jun 17 08:45:03 2015 +0200

    Fuzzed file fix.  [#750860]

 ChangeLog                  |    5 +++++
 NEWS                       |    1 +
 goffice/graph/gog-object.c |   44 +++++++++++++++++++++++++++++++-------------
 3 files changed, 37 insertions(+), 13 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 7e907bb..474d52c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2015-06-17  Jean Brefort  <jean brefort normalesup org>
+
+       * goffice/graph/gog-object.c (gog_object_get_child_by_role): protect against
+       NULL argument. [#750860]
+
 2015-06-12  Morten Welinder  <terra gnome org>
 
        * goffice/app/io-context.c (ioc_finalize): Plug leak.
diff --git a/NEWS b/NEWS
index c8e591d..35cbe5e 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,7 @@ goffice 0.10.23:
 
 Jean:
        * Disable metafiles support when there is no screen. [#748493]
+       * Fuzzed file fix.  [#750860]
 
 Morten:
        * Fix ABR [#749167]
diff --git a/goffice/graph/gog-object.c b/goffice/graph/gog-object.c
index f9ace6d..9ecac45 100644
--- a/goffice/graph/gog-object.c
+++ b/goffice/graph/gog-object.c
@@ -967,10 +967,13 @@ gog_object_is_same_type (GogObject *obj_a, GogObject *obj_b)
 static void
 gog_object_generate_name (GogObject *obj)
 {
-       GogObjectClass *klass = GOG_OBJECT_GET_CLASS (obj);
+       GogObjectClass *klass;
+
        char const *type_name;
 
-       g_return_if_fail (klass != NULL);
+       g_return_val_if_fail (GOG_IS_OBJECT (obj), NULL);
+
+       klass = GOG_OBJECT_GET_CLASS (obj);
        g_return_if_fail (obj->role != NULL);
 
        switch (obj->role->naming_conv) {
@@ -1283,8 +1286,11 @@ GogObject *
 gog_object_get_child_by_role (GogObject const *obj, GogObjectRole const *role)
 {
        GogObject *res = NULL;
-       GSList *children = gog_object_get_children (obj, role);
+       GSList *children;
+
+       g_return_val_if_fail (GOG_IS_OBJECT (obj), NULL);
 
+       children = gog_object_get_children (obj, role);
        if (children != NULL && children->next == NULL)
                res = children->data;
        g_slist_free (children);
@@ -1303,6 +1309,7 @@ gog_object_get_child_by_role (GogObject const *obj, GogObjectRole const *role)
 GogObject *
 gog_object_get_child_by_name (GogObject const *obj, char const *name)
 {
+       g_return_val_if_fail (GOG_IS_OBJECT (obj), NULL);
        return gog_object_get_child_by_role (obj,
                gog_object_find_role_by_name (obj, name));
 }
@@ -1385,8 +1392,11 @@ gog_role_cmp_full (GogObjectRole const *a, GogObjectRole const *b)
 GSList *
 gog_object_possible_additions (GogObject const *parent)
 {
-       GogObjectClass *klass = GOG_OBJECT_GET_CLASS (parent);
-       g_return_val_if_fail (klass != NULL, NULL);
+       GogObjectClass *klass;
+
+       g_return_val_if_fail (GOG_IS_OBJECT (parent), NULL);
+
+       klass = GOG_OBJECT_GET_CLASS (parent);
 
        if (klass->roles != NULL) {
                struct possible_add_closure data;
@@ -1526,9 +1536,11 @@ gog_object_get_editor (GogObject *obj, GogDataAllocator *dalloc,
 #ifdef GOFFICE_WITH_GTK
        GtkWidget *notebook;
        GOEditor *editor;
-       GogObjectClass *klass = GOG_OBJECT_GET_CLASS (obj);
+       GogObjectClass *klass;
+
+       g_return_val_if_fail (GOG_IS_OBJECT (obj), NULL);
 
-       g_return_val_if_fail (klass != NULL, NULL);
+       klass = GOG_OBJECT_GET_CLASS (obj);
 
        editor = go_editor_new ();
        go_editor_set_use_scrolled_window (editor, TRUE);
@@ -1561,9 +1573,11 @@ gog_object_get_editor (GogObject *obj, GogDataAllocator *dalloc,
 GogView *
 gog_object_new_view (GogObject const *obj, GogView *parent)
 {
-       GogObjectClass *klass = GOG_OBJECT_GET_CLASS (obj);
+       GogObjectClass *klass;
 
-       g_return_val_if_fail (klass != NULL, NULL);
+       g_return_val_if_fail (GOG_IS_OBJECT (obj), NULL);
+
+       klass = GOG_OBJECT_GET_CLASS (obj);
 
        if (klass->view_type != 0)
                /* set model before parent */
@@ -1578,10 +1592,12 @@ gog_object_new_view (GogObject const *obj, GogView *parent)
 void
 gog_object_update (GogObject *obj)
 {
-       GogObjectClass *klass = GOG_OBJECT_GET_CLASS (obj);
+       GogObjectClass *klass;
        GSList *ptr;
 
-       g_return_if_fail (klass != NULL);
+       g_return_if_fail (GOG_IS_OBJECT (obj));
+
+       klass = GOG_OBJECT_GET_CLASS (obj);
 
        ptr = obj->children; /* depth first */
        for (; ptr != NULL ; ptr = ptr->next)
@@ -2053,9 +2069,11 @@ gog_object_is_default_position_flags (GogObject const *obj, char const *name)
 GogObjectRole const *
 gog_object_find_role_by_name (GogObject const *obj, char const *role)
 {
-       GogObjectClass *klass = GOG_OBJECT_GET_CLASS (obj);
+       GogObjectClass *klass;
 
-       g_return_val_if_fail (klass != NULL, NULL);
+       g_return_val_if_fail (GOG_IS_OBJECT (obj), NULL);
+
+       klass = GOG_OBJECT_GET_CLASS (obj);
 
        return g_hash_table_lookup (klass->roles, role);
 }
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]