lib/vector/vlib: Fix possible null pointer dereference#4638
Open
ymdatta wants to merge 4 commits intoOSGeo:mainfrom
Open
lib/vector/vlib: Fix possible null pointer dereference#4638ymdatta wants to merge 4 commits intoOSGeo:mainfrom
ymdatta wants to merge 4 commits intoOSGeo:mainfrom
Conversation
In the function `Vect_cat_list_to_array`, as part of the execution, if list turns out to not contain any numbers, `cats` internal variable is not changed from NULL. Without checking if `cats` is NULL or not, qsort or first elemnt of it is accessed, which can lead to null pointer dereference. To fix that issue, only access cats if it's not NULL. This issue was found using cppcheck tool. Signed-off-by: Mohan Yelugoti <ymdatta.work@gmail.com>
github-actions
bot
added
vector
nilason
changed the title
ymdatta
added a commit
to ymdatta/grass
that referenced
this pull request
Nov 27, 2024
Documented each supression issue with comments to distinguish between false positives and true positives awaiting resolution. For the false positives supressions, appropriate information is provided on why those were considered as false positive. True positives will be removed from the suppression file once their corresponding fixes(OSGeo#4702, OSGeo#4638, OSGeo#4500, OSGeo#4499) are merged. Run: `cppcheck --suppressions-list=.cppcheck-supressions <path>` Signed-off-by: Mohan Yelugoti <ymdatta.work@gmail.com>
ymdatta
added a commit
to ymdatta/grass
that referenced
this pull request
Nov 27, 2024
Documented each suppression issue with comments to distinguish between false positives and true positives awaiting resolution. For the false positives suppressions, appropriate information is provided on why those were considered as false positive. True positives will be removed from the suppression file once their corresponding fixes(OSGeo#4702, OSGeo#4638, OSGeo#4500, OSGeo#4499) are merged. Run: `cppcheck --suppressions-list=.cppcheck-suppressions <path>` Signed-off-by: Mohan Yelugoti <ymdatta.work@gmail.com>
nilason
reviewed
Dec 3, 2024
| *nvals = n_cats = 0; | ||
| *nvals = n_cats = n_ucats = 0; | ||
| cats = NULL; | ||
| for (i = 0; i < list->n_ranges; i++) { |
Contributor
There was a problem hiding this comment.
It seems to me to be a better solution to make an early exit before this for statement, with something like:
if (list->n_ranges <= 0)
return -1;If list->n_ranges is 0 or less, cats and n_cats are never set... and the rest doesn't make any sense.
@metzm Perhaps you may have some insight in this?
Contributor
Author
There was a problem hiding this comment.
@nilason : Thanks for the review.
But, I am worried that '-1' indicates that something has gone wrong while converting using Vect_cat_list_to_array function, but here there is nothing wrong and it's just that the argument has no elements in it. What do you think about it?
Contributor
There was a problem hiding this comment.
I would suggest to make an early exit just before qsort, like
if (n_cats == 0) {
return 0;
}This is not a failure, there would be simply no entries in the list.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
In the function
Vect_cat_list_to_array, as part of the execution, if list turns out to not contain any numbers,catsinternal variable is not changed from NULL. Without checking ifcatsis NULL or not, qsort or first elemnt of it is accessed, which can lead to null pointer dereference.To fix that issue, only access cats if it's not NULL.
This issue was found using cppcheck tool.