From 564adb96f10a0bf43d67401b05ba0fcafe7c0a83 Mon Sep 17 00:00:00 2001 From: Alan Coopersmith Date: Mon, 16 Nov 2020 18:22:23 -0800 Subject: ucs2any: handle NULL returns from zquotedcpy() bdf file for testing: STARTFONT 2.1 FONT "Bad quotes test font-ISO10646-1 SIZE 7 75 75 FONTBOUNDINGBOX 5 7 0 -1 STARTPROPERTIES 3 SPACING "C SLANT "R ENDPROPERTIES CHARS 0 ENDFONT Before this fix, the above segfaults when the NULL return from zquotedcpy() is passed to other functions expecting a string. Fixes: 21063_61 & 21063_86 from https://cyber-itl.org/2020/10/28/citl-7000-defects.html Signed-off-by: Alan Coopersmith --- ucs2any.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/ucs2any.c b/ucs2any.c index 580b023..fa3b2a8 100644 --- a/ucs2any.c +++ b/ucs2any.c @@ -586,6 +586,12 @@ main(int argc, char *argv[]) char * term; /* slightly simplistic check ... */ zquotedcpy(&fontname, nextc); + if (fontname == NULL) { + fprintf(stderr, + "%s: FONT name in '%s' is invalid string '%s'!\n", + my_name, fsource, nextc); + exit(1); + } if ((term = strstr(fontname, "-ISO10646-1")) == NULL) { fprintf(stderr, "%s: FONT name in '%s' is '%s' and not '*-ISO10646-1'!\n", @@ -621,11 +627,23 @@ main(int argc, char *argv[]) } else if ((nextc = startswith(l, "SLANT")) != NULL) { zquotedcpy(&slant, nextc); + if (slant == NULL) { + fprintf(stderr, + "%s: SLANT property in '%s' is invalid string '%s'!\n", + my_name, fsource, nextc); + exit(1); + } slant_index = ++nextheader; da_add_str(headers, slant_index, NULL); } else if ((nextc = startswith(l, "SPACING")) != NULL) { zquotedcpy(&spacing, nextc); + if (spacing == NULL) { + fprintf(stderr, + "%s: SPACING property in '%s' is invalid string '%s'!\n", + my_name, fsource, nextc); + exit(1); + } zstrtoupper(spacing); spacing_index = ++nextheader; da_add_str(headers, spacing_index, NULL); -- cgit v1.2.3