From eedf4f4e630f98350090ef2824b0981ffb4b7a4a Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Fri, 10 Dec 2010 19:43:59 -0600 Subject: Fix possible null pointer deref in check_arch If we have a corrupted database, a package can come through without an arch, causing the code to blow up when making strcmp() calls. It might even be possible with perfectly valid database entries lacking an 'arch =' line. This behavior was seen as at least one of the problems in FS#21668. Ensure pkgarch is not null before doing anything further. Signed-off-by: Dan McGee --- lib/libalpm/trans.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libalpm/trans.c b/lib/libalpm/trans.c index 49fc0f67..02612ec1 100644 --- a/lib/libalpm/trans.c +++ b/lib/libalpm/trans.c @@ -107,7 +107,7 @@ static alpm_list_t *check_arch(alpm_list_t *pkgs) for(i = pkgs; i; i = i->next) { pmpkg_t *pkg = i->data; const char *pkgarch = alpm_pkg_get_arch(pkg); - if(strcmp(pkgarch,arch) && strcmp(pkgarch,"any")) { + if(pkgarch && strcmp(pkgarch, arch) && strcmp(pkgarch, "any")) { char *string; const char *pkgname = alpm_pkg_get_name(pkg); const char *pkgver = alpm_pkg_get_version(pkg); -- cgit v1.2.3-24-g4f1b