[Scidvspc-users] [PATCH] scidpgn: fix NULL pointer deref in sc_game wrt. trialMode
Chess Database and Toolkit program
Brought to you by:
stevenaaus
Menu
▾
▴
[Scidvspc-users] [PATCH] scidpgn: fix NULL pointer deref in sc_game wrt. trialMode
|
From: Ali P. <al...@ex...> - 2016-10-04 10:53:51
|
I have hit this bug every now and then and I did not dig enough to
explain why it does not happen everytime.
Here is the GDB output:
Core was generated by `tkscid /zen/che/bin/scidpgn /zen/che/db/Bases/self.sg4'.
Program terminated with signal SIGSEGV, Segmentation fault.
6050 bool trialMode = (Tcl_GetVar (ti, "trialMode", TCL_GLOBAL_ONLY)[0] == '1');
#0 0x0000000000415aff in sc_game (cd=0x0, ti=0x1021e70, argc=3, argv=0x1026370) at src/tkscid.cpp:6050
#1 0x00007f20675379b6 in TclInvokeStringCommand () from /usr/lib/libtcl8.6.so
#2 0x00007f206753c5f7 in TclNRRunCallbacks () from /usr/lib/libtcl8.6.so
#3 0x00007f206753e702 in TclEvalEx () from /usr/lib/libtcl8.6.so
#4 0x00007f20675f69e8 in Tcl_FSEvalFileEx () from /usr/lib/libtcl8.6.so
#5 0x00007f20671ef1ce in Tk_MainEx () from /usr/lib/libtk8.6.so
#6 0x000000000040649d in main (argc=3, argv=0x7ffd3cce6958) at src/tkscid.cpp:398
(gdb) bt
(gdb) p Tcl_GetVar(ti, "trialMode", TCL_GLOBAL_ONLY)
No symbol "__null" in current context.
Tcl_GetVar() returns NULL when the variable in question is not defined. Hence
line 6050 tries to dereference a NULL pointer. The commit checks for the NULL
condition first.
Signed-off-by: Ali Polatel <al...@ex...>
---
src/tkscid.cpp | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/tkscid.cpp b/src/tkscid.cpp
index a411792..337b3e4 100644
--- a/src/tkscid.cpp
+++ b/src/tkscid.cpp
@@ -6047,7 +6047,12 @@ sc_game (ClientData cd, Tcl_Interp * ti, int argc, const char ** argv)
if (argc > 1) { index = strUniqueMatch (argv[1], options);}
- bool trialMode = (Tcl_GetVar (ti, "trialMode", TCL_GLOBAL_ONLY)[0] == '1');
+ const char *trial_mode_val;
+ bool trialMode;
+ if ((trial_mode_val = Tcl_GetVar (ti, "trialMode", TCL_GLOBAL_ONLY)) != NULL)
+ trialMode = trial_mode_val[0] == '1';
+ else
+ trialMode = false;
switch (index) {
case GAME_ALTERED:
--
2.10.0
|
