From 75e0172d409b99eaa9a4d2584e0bf64f1d55aa50 Mon Sep 17 00:00:00 2001
From: ಚಿರಾಗ್ ನಟರಾಜ್ <chiraag.nataraj@gmail.com>
Date: Thu, 2 Aug 2018 11:43:06 -0400
Subject: Check tmp1 and tmp2 for NULL before passing to parse_nowhitelist
 (thanks @smitsohu!)

---
 src/firejail/fs_whitelist.c | 48 +++++++++++++++++++++++++++++++++------------
 1 file changed, 36 insertions(+), 12 deletions(-)

(limited to 'src')

diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index 0178e3c5b..3cc116c78 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -329,9 +329,13 @@ void fs_whitelist(void) {
 		// resolve ${DOWNLOADS}
 		if (strcmp(dataptr, "${DOWNLOADS}") == 0) {
 		  char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOWNLOAD_DIR=\"$HOME/", 24, "Downloads");
-		  char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
+		  char *tmpw1 = NULL;
+		  if (tmp1 != NULL)
+		    tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
 		  char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, dentry, "Downloads");
-		  char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
+		  char *tmpw2 = NULL;
+		  if (tmp2 != NULL)
+		    tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
 		  if (tmp1 && tmpw1) {
 		    entry->data = tmpw1;
 		    dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10;
@@ -356,9 +360,13 @@ void fs_whitelist(void) {
 		// resolve ${MUSIC}
 		if (strcmp(dataptr, "${MUSIC}") == 0) {
 			char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_MUSIC_DIR=\"$HOME/", 21, "Music");
-			char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
+			char *tmpw1 = NULL;
+			if (tmp1 != NULL)
+			  tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
 			char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, mentry, "Music");
-			char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
+			char *tmpw2 = NULL;
+			if (tmp2 != NULL)
+			  tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
 			if (tmp1 && tmpw1) {
 				entry->data = tmpw1;
 				dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10;
@@ -383,9 +391,13 @@ void fs_whitelist(void) {
 		// resolve ${VIDEOS}
 		if (strcmp(dataptr, "${VIDEOS}") == 0) {
 			char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_VIDEOS_DIR=\"$HOME/", 22, "Videos");
-			char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
+			char *tmpw1 = NULL;
+			if (tmp1 != NULL)
+			  tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
 			char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, ventry, "Videos");
-			char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
+			char *tmpw2 = NULL;
+			if (tmp2 != NULL)
+			  tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
 			if (tmp1 && tmpw1) {
 				entry->data = tmpw1;
 				dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10;
@@ -410,9 +422,13 @@ void fs_whitelist(void) {
 		// resolve ${PICTURES}
 		if (strcmp(dataptr, "${PICTURES}") == 0) {
 			char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_PICTURES_DIR=\"$HOME/", 24, "Pictures");
-			char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
+			char *tmpw1 = NULL;
+			if (tmp1 != NULL)
+			  tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
 			char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, pentry, "Pictures");
-			char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
+			char *tmpw2 = NULL;
+			if (tmp2 != NULL)
+			  tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
 			if (tmp1 && tmpw1) {
 				entry->data = tmpw1;
 				dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10;
@@ -437,9 +453,13 @@ void fs_whitelist(void) {
 		// resolve ${DESKTOP}
 		if (strcmp(dataptr, "${DESKTOP}") == 0) {
 			char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DESKTOP_DIR=\"$HOME/", 24, "Desktop");
-			char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
+			char *tmpw1 = NULL;
+			if (tmp1 != NULL)
+			  tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
 			char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, deentry, "Desktop");
-			char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
+			char *tmpw2 = NULL;
+			if (tmp2 != NULL)
+			  tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
 			if (tmp1 && tmpw1) {
 				entry->data = tmpw1;
 				dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10;
@@ -464,9 +484,13 @@ void fs_whitelist(void) {
 		// resolve ${DOCUMENTS}
 		if (strcmp(dataptr, "${DOCUMENTS}") == 0) {
 			char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOCUMENTS_DIR=\"$HOME/", 25, "Documents");
-			char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
+			char *tmpw1 = NULL;
+			if (tmp1 != NULL)
+			  tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1);
 			char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, doentry, "Documents");
-			char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
+			char *tmpw2 = NULL;
+			if (tmp2 != NULL)
+			  tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2);
 			if (tmp1 && tmpw1) {
 				entry->data = tmpw1;
 				dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10;
-- 
cgit v1.2.3-54-g00ecf