From b33cafb333d26c35eba414a2bef69da87778cdf0 Mon Sep 17 00:00:00 2001 From: Shinwoo Kim Date: Wed, 24 Jun 2015 23:18:07 +0900 Subject: [PATCH] [Prevent] CID 451233 - atspi-registry.c:atspi_deregister_keystroke_listener (dereference before null check) CID 451215 - atspi-registry.c:atspi_deregister_device_event_listener (dereference before null check) CID 451213 - atspi-registry.c:atspi_deregister_device_event_listener (dereference before null check) CID 451078 - atspi-event-listener.c:_atspi_dbus_handle_evnet (dereference after null check) CID 451077 - atspi-stateset.c:atspi_state_set_set_by_name (dereference after null check) Change-Id: I38a6c0062fdae892158fa0a18ba35aadcdc5e855 --- atspi/atspi-event-listener.c | 20 ++++++++++++-------- atspi/atspi-registry.c | 9 ++++++--- atspi/atspi-stateset.c | 1 + 3 files changed, 19 insertions(+), 11 deletions(-) diff --git a/atspi/atspi-event-listener.c b/atspi/atspi-event-listener.c index 292e88b..95af3a0 100644 --- a/atspi/atspi-event-listener.c +++ b/atspi/atspi-event-listener.c @@ -951,16 +951,20 @@ _atspi_dbus_handle_event (DBusConnection *bus, DBusMessage *message, void *data) memset (&e, 0, sizeof (e)); - if (category) + if (!category) { - category = g_utf8_strrchr (category, -1, '.'); - if (category == NULL) - { - // TODO: Error - return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; - } - category++; + // TODO: Error + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + category = g_utf8_strrchr (category, -1, '.'); + if (category == NULL) + { + // TODO: Error + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; } + category++; + dbus_message_iter_get_basic (&iter, &detail); dbus_message_iter_next (&iter); dbus_message_iter_get_basic (&iter, &detail1); diff --git a/atspi/atspi-registry.c b/atspi/atspi-registry.c index c9b11f0..759a1aa 100644 --- a/atspi/atspi-registry.c +++ b/atspi/atspi-registry.c @@ -270,7 +270,7 @@ atspi_deregister_keystroke_listener (AtspiDeviceListener *listener, GError **error) { GArray *d_key_set; - gchar *path = _atspi_device_listener_get_path (listener); + gchar *path; gint i; dbus_uint32_t d_modmask = modmask; dbus_uint32_t d_event_types = event_types; @@ -282,6 +282,7 @@ atspi_deregister_keystroke_listener (AtspiDeviceListener *listener, { return FALSE; } + path = _atspi_device_listener_get_path (listener); /* copy the keyval filter values from the C api into the DBind KeySet */ if (key_set) @@ -363,7 +364,7 @@ atspi_register_device_event_listener (AtspiDeviceListener *listener, { gboolean retval = FALSE; dbus_uint32_t d_event_types = event_types; - gchar *path = _atspi_device_listener_get_path (listener); + gchar *path; DBusError d_error; dbus_error_init (&d_error); @@ -371,6 +372,7 @@ atspi_register_device_event_listener (AtspiDeviceListener *listener, { return retval; } + path = _atspi_device_listener_get_path (listener); dbind_method_call_reentrant (_atspi_bus(), atspi_bus_registry, atspi_path_dec, atspi_interface_dec, "RegisterDeviceEventListener", &d_error, "ou=>b", path, d_event_types, &retval); if (dbus_error_is_set (&d_error)) @@ -400,7 +402,7 @@ atspi_deregister_device_event_listener (AtspiDeviceListener *listener, void *filter, GError **error) { dbus_uint32_t event_types = 0; - gchar *path = _atspi_device_listener_get_path (listener); + gchar *path; DBusError d_error; dbus_error_init (&d_error); @@ -409,6 +411,7 @@ atspi_deregister_device_event_listener (AtspiDeviceListener *listener, { return FALSE; } + path = _atspi_device_listener_get_path (listener); event_types |= (1 << ATSPI_BUTTON_PRESSED_EVENT); event_types |= (1 << ATSPI_BUTTON_RELEASED_EVENT); diff --git a/atspi/atspi-stateset.c b/atspi/atspi-stateset.c index 1f9d993..d6acc85 100644 --- a/atspi/atspi-stateset.c +++ b/atspi/atspi-stateset.c @@ -101,6 +101,7 @@ atspi_state_set_set_by_name (AtspiStateSet *set, const gchar *name, gboolean ena if (!value) { g_warning ("AT-SPI: Attempt to set unknown state '%s'", name); + return; } if (enabled) -- 2.7.4