    gparamspecs: Fix NULL pointer dereference · 4b7f6ffe
    Philip Withnall authored
    
    
    I’m not sure exactly how this code is supposed to work, so this might
    not be the right fix. But there’s definitely a problem here, and it was
    spotted by scan-build.
    
    If `param_value_array_validate()` is entered with
    `value->data[0].v_pointer == NULL && aspec->fixed_n_elements`, that `NULL`
    will be stored in `value_array` too. `value->data[0].v_pointer` will
    then be set to a new non-`NULL` array.
    
    A few lines down, `value_array_ensure_size()` is called on
    `value_array` – which is still `NULL` – and this results in a `NULL`
    pointer dereference.
    
    It looks like `value->data[0].v_pointer` and `value_array` are used
    interchangeably throughout the whole of the function, so assign the new
    value of `value->data[0].v_pointer` to `value_array` too.
    
    My guess is that `value_array` is just a convenience alias for
    `value->data[0].v_pointer`, because the latter is a real mouthful to
    type or read.
    
    Signed-off-by: Philip Withnall <pwithnall@gnome.org>
    
    Helps: #1767
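The bug class the commit describes, a local alias copied from a struct field and then left stale after the field is reassigned, is easy to reproduce in isolation. The following is an added example, not code from GLib or from this commit: the types `ToyValue` and `ToyArray` and the functions `validate_stale_alias`, `validate_synced_alias` and `toy_array_ensure_size` are hypothetical stand-ins that only mirror the shape of `value->data[0].v_pointer`, `value_array` and `value_array_ensure_size()` as the commit message describes them. The stale-alias version hands back the alias instead of dereferencing it, so the divergence can be observed rather than crashed on; the synced version applies the commit's fix of refreshing the alias right after the field changes.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the value/array pair in the commit message: a
 * value whose first data slot holds a pointer to a growable array.  Names
 * mirror the commit's description but are hypothetical, not GLib's own. */
typedef struct {
    size_t n_values;
    int *values;
} ToyArray;

typedef struct {
    struct { void *v_pointer; } data[1];
} ToyValue;

static ToyArray *toy_array_new(void)
{
    return calloc(1, sizeof(ToyArray));
}

static void toy_array_free(ToyArray *arr)
{
    if (arr) {
        free(arr->values);
        free(arr);
    }
}

/* Grow the array to hold at least n elements, zero-filling new slots.
 * Dereferences arr, so a NULL arr is exactly the crash the commit fixes. */
static void toy_array_ensure_size(ToyArray *arr, size_t n)
{
    if (arr->n_values < n) {
        int *grown = realloc(arr->values, n * sizeof *grown);
        if (grown == NULL)
            abort();
        memset(grown + arr->n_values, 0, (n - arr->n_values) * sizeof *grown);
        arr->values = grown;
        arr->n_values = n;
    }
}

/* Buggy shape: the alias is taken before the field is replaced and never
 * refreshed.  Instead of calling ensure_size on the stale alias (which would
 * crash), return it so the caller can observe that it is still NULL while
 * the field it was supposed to mirror is not. */
static ToyArray *validate_stale_alias(ToyValue *value, int fixed_n_elements)
{
    ToyArray *value_array = value->data[0].v_pointer;   /* alias taken here */

    if (value_array == NULL && fixed_n_elements)
        value->data[0].v_pointer = toy_array_new();     /* field updated, alias not */

    return value_array;                                  /* still NULL */
}

/* Fixed shape: refresh the alias whenever the field it mirrors changes. */
static ToyArray *validate_synced_alias(ToyValue *value, int fixed_n_elements, size_t n)
{
    ToyArray *value_array = value->data[0].v_pointer;

    if (value_array == NULL && fixed_n_elements) {
        value->data[0].v_pointer = toy_array_new();
        value_array = value->data[0].v_pointer;          /* the one-line fix */
    }

    if (value_array != NULL)
        toy_array_ensure_size(value_array, n);           /* safe: alias is live */

    return value_array;
}

/* 1 if the stale-alias path leaves the alias NULL while the field is set. */
int demo_stale_alias_diverges(void)
{
    ToyValue v = {0};
    ToyArray *alias = validate_stale_alias(&v, 1);
    int diverged = (alias == NULL) && (v.data[0].v_pointer != NULL);
    toy_array_free(v.data[0].v_pointer);
    return diverged;
}

/* Number of elements the synced path ends up with (n when it works). */
size_t demo_synced_alias_size(size_t n)
{
    ToyValue v = {0};
    ToyArray *alias = validate_synced_alias(&v, 1, n);
    size_t got = (alias == v.data[0].v_pointer) ? alias->n_values : 0;
    toy_array_free(v.data[0].v_pointer);
    return got;
}

int main(void)
{
    return (demo_stale_alias_diverges() && demo_synced_alias_size(4) == 4) ? 0 : 1;
}
```

The defensive takeaway is the one the commit draws: if a function keeps a local alias of a field it may reassign, every reassignment must also refresh the alias, or the alias should be dropped and the field read directly at each use. Static analysers such as scan-build flag the resulting NULL dereference because the aliased value is known to be NULL on the `fixed_n_elements` path; compiling the example with `-Wall` and running it under a sanitiser is the quickest local check that the synced version stays clean.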