Fossil SCM
Add a NULL check where a change from [4c3e1728e1b1a9cb] inadvertently changed the semantics from NULL=="" to NULL==NULL, triggering a null pointer deref via backlinks parsing. Triggered by rebuild when encountering a tag with no value.
Commit
441264b759d9e07a78f3715be919b72fc64a4ddef9a94e920f3025c0be7d17ba
Parent
0ea8703b60c604d…
1 file changed
+1
-1
+1
-1
| --- src/tag.c | ||
| +++ src/tag.c | ||
| @@ -218,11 +218,11 @@ | ||
| 218 | 218 | } |
| 219 | 219 | } |
| 220 | 220 | if( zCol ){ |
| 221 | 221 | db_multi_exec("UPDATE event SET \"%w\"=%Q WHERE objid=%d", |
| 222 | 222 | zCol, zValue, rid); |
| 223 | - if( tagid==TAG_COMMENT ){ | |
| 223 | + if( tagid==TAG_COMMENT && zValue!=0 ){ | |
| 224 | 224 | char *zCopy = fossil_strdup(zValue); |
| 225 | 225 | backlink_extract(zCopy, MT_NONE, rid, BKLNK_COMMENT, mtime, 1); |
| 226 | 226 | free(zCopy); |
| 227 | 227 | } |
| 228 | 228 | } |
| 229 | 229 |
| --- src/tag.c | |
| +++ src/tag.c | |
| @@ -218,11 +218,11 @@ | |
| 218 | } |
| 219 | } |
| 220 | if( zCol ){ |
| 221 | db_multi_exec("UPDATE event SET \"%w\"=%Q WHERE objid=%d", |
| 222 | zCol, zValue, rid); |
| 223 | if( tagid==TAG_COMMENT ){ |
| 224 | char *zCopy = fossil_strdup(zValue); |
| 225 | backlink_extract(zCopy, MT_NONE, rid, BKLNK_COMMENT, mtime, 1); |
| 226 | free(zCopy); |
| 227 | } |
| 228 | } |
| 229 |
| --- src/tag.c | |
| +++ src/tag.c | |
| @@ -218,11 +218,11 @@ | |
| 218 | } |
| 219 | } |
| 220 | if( zCol ){ |
| 221 | db_multi_exec("UPDATE event SET \"%w\"=%Q WHERE objid=%d", |
| 222 | zCol, zValue, rid); |
| 223 | if( tagid==TAG_COMMENT && zValue!=0 ){ |
| 224 | char *zCopy = fossil_strdup(zValue); |
| 225 | backlink_extract(zCopy, MT_NONE, rid, BKLNK_COMMENT, mtime, 1); |
| 226 | free(zCopy); |
| 227 | } |
| 228 | } |
| 229 |