adamwill / rpms / openscap

Forked from rpms/openscap 3 years ago
Clone

Blame SOURCES/openscap-1.2.18-cvrf-segfault.patch

cf36c6
diff --git a/src/CVRF/cvrf_eval.c b/src/CVRF/cvrf_eval.c
cf36c6
index 049b871f8..3bb39d109 100644
cf36c6
--- a/src/CVRF/cvrf_eval.c
cf36c6
+++ b/src/CVRF/cvrf_eval.c
cf36c6
@@ -89,10 +89,14 @@ struct cvrf_session *cvrf_session_new_from_source_model(struct oscap_source *sou
cf36c6
 	if (source == NULL)
cf36c6
 		return NULL;
cf36c6
 
cf36c6
+	struct cvrf_model *model = cvrf_model_import(source);
cf36c6
+	if (model == NULL) {
cf36c6
+		return NULL;
cf36c6
+	}
cf36c6
 	struct cvrf_session *ret = malloc(sizeof(struct cvrf_session));
cf36c6
 	ret->source = source;
cf36c6
 	ret->index = NULL;
cf36c6
-	ret->model = cvrf_model_import(source);
cf36c6
+	ret->model = model;
cf36c6
 	ret->os_name = NULL;
cf36c6
 	ret->product_ids = oscap_stringlist_new();
cf36c6
 	ret->def_model = oval_definition_model_new();
cf36c6
@@ -225,6 +229,9 @@ struct oscap_source *cvrf_model_get_results_source(struct oscap_source *import_s
cf36c6
 	if (import_source == NULL)
cf36c6
 		return NULL;
cf36c6
 	struct cvrf_session *session = cvrf_session_new_from_source_model(import_source);
cf36c6
+	if (session == NULL) {
cf36c6
+		return NULL;
cf36c6
+	}
cf36c6
 	cvrf_session_set_os_name(session, os_name);
cf36c6
 
cf36c6
 	if (find_all_cvrf_product_ids_from_cpe(session) != 0) {
cf36c6
diff --git a/utils/oscap-cvrf.c b/utils/oscap-cvrf.c
cf36c6
index 9a2441165..d6c571007 100644
cf36c6
--- a/utils/oscap-cvrf.c
cf36c6
+++ b/utils/oscap-cvrf.c
cf36c6
@@ -99,20 +99,29 @@ static int app_cvrf_evaluate(const struct oscap_action *action) {
cf36c6
 	// themselves
cf36c6
 	const char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)";
cf36c6
 	struct oscap_source *import_source = oscap_source_new_from_file(action->cvrf_action->f_cvrf);
cf36c6
+
cf36c6
+	int ret = oscap_source_validate(import_source, reporter, (void *) action);
cf36c6
+	if (ret != 0) {
cf36c6
+		result = OSCAP_ERROR;
cf36c6
+		goto cleanup;
cf36c6
+	}
cf36c6
+
cf36c6
 	struct oscap_source *export_source = cvrf_model_get_results_source(import_source, os_name);
cf36c6
-	if (export_source == NULL)
cf36c6
-		return -1;
cf36c6
+	if (export_source == NULL) {
cf36c6
+		result = OSCAP_ERROR;
cf36c6
+		goto cleanup;
cf36c6
+	}
cf36c6
 
cf36c6
 	if (oscap_source_save_as(export_source, action->cvrf_action->f_results) == -1) {
cf36c6
 		result = OSCAP_ERROR;
cf36c6
 		goto cleanup;
cf36c6
 	}
cf36c6
+	oscap_source_free(export_source);
cf36c6
 
cf36c6
 	cleanup:
cf36c6
 		if (oscap_err())
cf36c6
 			fprintf(stderr, "%s %s\n", OSCAP_ERR_MSG, oscap_err_desc());
cf36c6
 
cf36c6
-	oscap_source_free(export_source);
cf36c6
 	free(action->cvrf_action);
cf36c6
 	return result;
cf36c6
 }