From: Mike FABIAN Date: Thu, 18 Oct 2007 12:44:28 +0000 (-0700) Subject: Avoid crashes if config files contain junk. X-Git-Tag: 2.4.91~26 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=07e646cc8422bda778ecf1c084129556a39a0f2a;p=fontconfig.git Avoid crashes if config files contain junk. If ~/.fonts.conf contains: mono fontconfig crashes: mfabian@magellan:~$ fc-match sans Fontconfig error: "~/.fonts.conf", line 46: "mono": not a valid integer セグメンテーション違反です (core dumped) mfabian@magellan:~$ Of course the above is nonsense, “mono” is no valid integer indeed. But I think nevertheless fontconfig should not crash in that case. The problem was caused by partially truncated expression trees caused by parse errors -- typechecking these walked the tree without verifying the integrity of the structure. Of course, the whole tree will be discarded shortly after being loaded as it contained an error. --- diff --git a/src/fcxml.c b/src/fcxml.c index 156599c..3b08fea 100644 --- a/src/fcxml.c +++ b/src/fcxml.c @@ -558,6 +558,10 @@ FcTypecheckExpr (FcConfigParse *parse, FcExpr *expr, FcType type) const FcObjectType *o; const FcConstant *c; + /* If parsing the expression failed, some nodes may be NULL */ + if (!expr) + return; + switch (expr->op) { case FcOpInteger: case FcOpDouble: