Diffstat (limited to 'app-arch/bzip2/files/1.0.2-NULL-ptr-check.patch')
-rw-r--r--app-arch/bzip2/files/1.0.2-NULL-ptr-check.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/app-arch/bzip2/files/1.0.2-NULL-ptr-check.patch b/app-arch/bzip2/files/1.0.2-NULL-ptr-check.patch
new file mode 100644
index 000000000000..e35080f86db8
--- /dev/null
+++ b/app-arch/bzip2/files/1.0.2-NULL-ptr-check.patch
@@ -0,0 +1,27 @@
+Mihai Limbasan writes:
+BZ2_bzclose fails to perform a NULL pointer check before actually
+using the passed BZFILE * argument. The NULL check *is* performed but
+only after the argument is used for the first time, resulting in a
+potential NULL pointer dereference.
+
+http://bugs.gentoo.org/show_bug.cgi?id=75305
+
+Sent upstream but no feedback thus far :(
+diff -Naur bzip2-1.0.2-orig/bzlib.c bzip2-1.0.2/bzlib.c
+--- bzip2-1.0.2-orig/bzlib.c 2002-01-05 02:48:41.000000000 +0200
++++ bzip2-1.0.2/bzlib.c 2004-12-22 15:12:52.824593032 +0200
+@@ -1536,9 +1536,12 @@
+ void BZ_API(BZ2_bzclose) (BZFILE* b)
+ {
+ int bzerr;
+- FILE *fp = ((bzFile *)b)->handle;
+-
++ FILE *fp;
++
+ if (b==NULL) {return;}
++
++ fp = ((bzFile *)b)->handle;
++
+ if(((bzFile*)b)->writing){
+ BZ2_bzWriteClose(&bzerr,b,0,NULL,NULL);
+ if(bzerr != BZ_OK){
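Review bot: The patch header calls the old code only a potential NULL dereference and does not record why the statement order matters: with `fp` initialised from `((bzFile *)b)->handle` ahead of `if (b==NULL) {return;}`, a compiler may assume `b` is non-NULL and drop the check altogether, so the guard gave no protection even on platforms where the read itself did not fault. I would add a one-line comment above the moved assignment in bzlib.c, e.g. `/* b may be NULL: do not dereference it before the check above */`, so a later cleanup does not fold the initialiser back into the declaration. The blank line removed and re-added after the declaration looks like whitespace-only churn and could be dropped to keep the patch minimal if it is resent upstream. BZ2_bzclose continues past the end of the embedded hunk, so the later use of `fp` is not visible here.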