Protect against NULL variable reaching strcmp()

Resolves: #1706198
2019-05-14 13:43:43 +02:00 · 2019-05-14 13:43:43 +02:00 · 423225abd4
commit 423225abd4
parent 07885f7d0d
2 changed files with 38 additions and 1 deletions
--- a/0001-sidebar-links-protect-against-NULL-var-reaching-strc.patch
+++ b/0001-sidebar-links-protect-against-NULL-var-reaching-strc.patch
@ -0,0 +1,30 @@
+From ed0241a5307e83484e25c01a8027504ea4dc35f3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Nelson=20Ben=C3=ADtez=20Le=C3=B3n?= <nbenitezl@gmail.com>
+Date: Thu, 21 Mar 2019 22:25:00 -0400
+Subject: [PATCH] sidebar links: protect against NULL var reaching strcmp()
+
+Protect against a valid case of index_expand being NULL,
+by adding a NULL check prior to checking for empty string
+with strcmp().
+
+Fixes #1113
+---
+ shell/ev-sidebar-links.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/shell/ev-sidebar-links.c b/shell/ev-sidebar-links.c
+index 8955d19c..29d3997e 100644
+--- a/shell/ev-sidebar-links.c
+++ b/shell/ev-sidebar-links.c
+@@ -518,7 +518,7 @@ row_collapsed_cb (GtkTreeView *tree_view,
+ 		if (ev_metadata_get_string (metadata, "index-collapse", &index_collapse)) {
+ 			/* If collapsed row is not in 'index_collapse' we add it. */
+ 			if (g_strstr_len (index_collapse, -1, path_token) == NULL) {
+-				if (!strcmp (index_expand, ""))
+				if (!index_expand || !strcmp (index_expand, ""))
+ 					new_index = g_strconcat (index_collapse, path_token, NULL);
+ 				else
+ 					new_index = g_strconcat (index_collapse, path_token + 1, NULL);
+-- 
+2.20.1
+
--- a/evince.spec
+++ b/evince.spec
@ -6,7 +6,7 @@

 Name:           evince
 Version:        3.32.0
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Document viewer

 License:        GPLv2+ and GPLv3+ and LGPLv2+ and MIT and Afmparse
@ -16,6 +16,9 @@ Source0:        https://download.gnome.org/sources/%{name}/3.32/%{name}-%{versio
 # https://bugzilla.gnome.org/show_bug.cgi?id=766749
 Patch3:         0001-Resolves-deb-762530-rhbz-1061177-add-man-pages.patch

+# https://bugzilla.gnome.org/show_bug.cgi?id=1706198
+Patch4:         0001-sidebar-links-protect-against-NULL-var-reaching-strc.patch
+
 BuildRequires:  gcc-c++
 BuildRequires:  gcc
 BuildRequires:  gettext-devel
@ -244,6 +247,10 @@ desktop-file-validate $RPM_BUILD_ROOT%{_datadir}/applications/org.gnome.Evince-p
 %{_libdir}/nautilus/extensions-3.0/libevince-properties-page.so

 %changelog
+* Tue May 14 2019 Marek Kasik <mkasik@redhat.com> - 3.32.0-2
+- Protect against NULL variable reaching strcmp()
+- Resolves: #1706198
+
 * Thu Mar 14 2019 Kalev Lember <klember@redhat.com> - 3.32.0-1
 - Update to 3.32.0