blob: 0b50175a554a1595b6bdc89ffb805fecedf6d980 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
From 981a37916fdb7b73435c6d5cdb01428b2269427d Mon Sep 17 00:00:00 2001
From: TJ Saunders <tj@castaglia.org>
Date: Sun, 9 Feb 2025 12:14:25 -0800
Subject: [PATCH] Issue #1866: Some of the fuzzing tests submitted in the
advisory ran into existing null pointer dereferences (not buffer overflows);
let's correct them. (#1867)
Upstream-Status: Backport [https://github.com/proftpd/proftpd/commit/981a37916fdb7b73435c6d5cdb01428b2269427d]
CVE: CVE-2024-57392
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
modules/mod_ls.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/modules/mod_ls.c b/modules/mod_ls.c
index 45a3187bd..f7abfe540 100644
--- a/modules/mod_ls.c
+++ b/modules/mod_ls.c
@@ -349,7 +349,8 @@ static int sendline(int flags, char *fmt, ...) {
errno != 0) {
int xerrno = errno;
- if (session.d != NULL) {
+ if (session.d != NULL &&
+ session.d->outstrm != NULL) {
xerrno = PR_NETIO_ERRNO(session.d->outstrm);
}
@@ -1039,7 +1040,9 @@ static int outputfiles(cmd_rec *cmd) {
return res;
}
- tail->down = NULL;
+ if (tail != NULL) {
+ tail->down = NULL;
+ }
tail = NULL;
colwidth = (colwidth | 7) + 1;
if (opt_l || !opt_C) {
--
2.25.1
|
