| CVE: CVE-2023-33461 |
| Upstream-Status: Backport [https://github.com/ndevilla/iniparser/pull/146/commits/ace9871f65d11b5d73f0b9ee8cf5d2807439442d] |
| Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> |
| |
| |
| From ace9871f65d11b5d73f0b9ee8cf5d2807439442d Mon Sep 17 00:00:00 2001 |
| From: Antonio <antoniolrt@gmail.com> |
| Date: Fri, 2 Jun 2023 15:03:10 -0300 |
| Subject: [PATCH] Handle null return from iniparser_getstring |
| |
| Fix handling of NULL returns from iniparser_getstring in |
| iniparser_getboolean, iniparser_getlongint and iniparser_getdouble, |
| avoiding a crash. |
| --- |
| src/iniparser.c | 6 +++--- |
| 1 file changed, 3 insertions(+), 3 deletions(-) |
| |
| diff --git a/src/iniparser.c b/src/iniparser.c |
| index f1d1658..dbceb20 100644 |
| --- a/src/iniparser.c |
| +++ b/src/iniparser.c |
| @@ -456,7 +456,7 @@ long int iniparser_getlongint(const dictionary * d, const char * key, long int n |
| const char * str ; |
| |
| str = iniparser_getstring(d, key, INI_INVALID_KEY); |
| - if (str==INI_INVALID_KEY) return notfound ; |
| + if (str==NULL || str==INI_INVALID_KEY) return notfound ; |
| return strtol(str, NULL, 0); |
| } |
| |
| @@ -511,7 +511,7 @@ double iniparser_getdouble(const dictionary * d, const char * key, double notfou |
| const char * str ; |
| |
| str = iniparser_getstring(d, key, INI_INVALID_KEY); |
| - if (str==INI_INVALID_KEY) return notfound ; |
| + if (str==NULL || str==INI_INVALID_KEY) return notfound ; |
| return atof(str); |
| } |
| |
| @@ -553,7 +553,7 @@ int iniparser_getboolean(const dictionary * d, const char * key, int notfound) |
| const char * c ; |
| |
| c = iniparser_getstring(d, key, INI_INVALID_KEY); |
| - if (c==INI_INVALID_KEY) return notfound ; |
| + if (c==NULL || c==INI_INVALID_KEY) return notfound ; |
| if (c[0]=='y' || c[0]=='Y' || c[0]=='1' || c[0]=='t' || c[0]=='T') { |
| ret = 1 ; |
| } else if (c[0]=='n' || c[0]=='N' || c[0]=='0' || c[0]=='f' || c[0]=='F') { |