Bug 1170166 - AUDIT-FIND: enlightenment: enlightenment_system: `_cb_l2ping_ping()` SEGFAULTs when no parameter is passed.
AUDIT-FIND: enlightenment: enlightenment_system: `_cb_l2ping_ping()` SEGFAULT...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Security
Current
Other Other
: P5 - None : Normal (vote)
: ---
Assigned To: Simon Lees
E-mail List
:
Depends on:
Blocks: 1169238
  Show dependency treegraph
 
Reported: 2020-04-22 09:30 UTC by Matthias Gerstner
Modified: 2020-05-22 08:28 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Matthias Gerstner 2020-04-22 09:30:41 UTC
+++ This bug was initially created as a clone of Bug #1169238

e) `_cb_l2ping_ping()` SEGFAULTs when no parameter is passed.

This function unconditionally dereferences the `params` string in a `sscanf()`
call, which causes a SEGFAULT by dereferencing a NULL pointer when a user is
not passing any parameter data.
Comment 1 Simon Lees 2020-04-22 11:03:30 UTC
Upstream: https://phab.enlightenment.org/T8674
Comment 3 Matthias Gerstner 2020-04-30 12:29:50 UTC
Well this one was simple enough. Looks fixed :)
Comment 4 Matthias Gerstner 2020-05-22 08:28:50 UTC
The fix made it into the upstream 0.24 release. Closing as fixed.