path: root/user/samurai/CVE-2021-30218.patch



From e84b6d99c85043fa1ba54851ee500540ec206918 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Fri, 2 Apr 2021 17:27:48 -0700
Subject: [PATCH] util: Check for NULL string in writefile

This check was there previously, but was removed in f549b757 with
the addition of a check during parse that every rule has rspfile
if and only if it has rspfile_content. However, this fails to
consider the possibility of those variables coming from the edge
or global environment. So, re-add the check.

Fixes #67.
---
 util.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/util.c b/util.c
index ea5c3ce..2a59881 100644
--- a/util.c
+++ b/util.c
@@ -258,7 +258,7 @@ writefile(const char *name, struct string *s)
 		return -1;
 	}
 	ret = 0;
-	if (fwrite(s->s, 1, s->n, f) != s->n || fflush(f) != 0) {
+	if (s && (fwrite(s->s, 1, s->n, f) != s->n || fflush(f) != 0)) {
 		warn("write %s:", name);
 		ret = -1;
 	}
From e84b6d99c85043fa1ba54851ee500540ec206918 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Fri, 2 Apr 2021 17:27:48 -0700
Subject: [PATCH] util: Check for NULL string in writefile

This check was there previously, but was removed in f549b757 with
the addition of a check during parse that every rule has rspfile
if and only if it has rspfile_content. However, this fails to
consider the possibility of those variables coming from the edge
or global environment. So, re-add the check.

Fixes #67.
---
 util.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/util.c b/util.c
index ea5c3ce..2a59881 100644
--- a/util.c
+++ b/util.c
@@ -258,7 +258,7 @@ writefile(const char *name, struct string *s)
 		return -1;
 	}
 	ret = 0;
-	if (fwrite(s->s, 1, s->n, f) != s->n || fflush(f) != 0) {
+	if (s && (fwrite(s->s, 1, s->n, f) != s->n || fflush(f) != 0)) {
 		warn("write %s:", name);
 		ret = -1;
 	}