From fd9e1d6a8aacddab380fd8ea099ebba90169c749 Mon Sep 17 00:00:00 2001
From: Dirk Hohndel
Date: Sun, 27 Oct 2019 16:29:22 -0400
Subject: [PATCH] Cleanup: avoid dereferencing NULL

We should call this function with two well defined dive_or_trip structures which means that exactly one of the two values is set in each argument. But in order to not have bugs elsewhere leed to crashes here, be more tolerant of malformed argumnts.

Fixes CID 350100

Signed-off-by: Dirk Hohndel
---
 core/divelist.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/core/divelist.c b/core/divelist.c
index 3c0570673..de9509471 100644
--- a/core/divelist.c
+++ b/core/divelist.c
@@ -1478,6 +1478,18 @@ static int comp_dive_to_trip(struct dive *a, struct dive_trip *b)

 static int comp_dive_or_trip(struct dive_or_trip a, struct dive_or_trip b)
 {
+ /* we should only be called with both a and b having exactly one of
+ * dive or trip not NULL. But in an abundance of caution, make sure
+ * we still give a consistent answer even when called with invalid
+ * arguments, as otherwise we might be hunting down crashes at a later
+ * time...
+ */
+ if (!a.dive && !a.trip && !b.dive && !b.trip)
+ return 0;
+ if (!a.dive && !a.trip)
+ return -1;
+ if (!b.dive && !b.trip)
+ return 1;
 if (a.dive && b.dive)
 return comp_dives(a.dive, b.dive);
 if (a.trip && b.trip)
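Review bot: The three added guards in comp_dive_or_trip fix an ordering for malformed arguments (an entry with neither dive nor trip set sorts before any populated one, and two such entries compare equal), but the new comment does not state that ordering and nothing reports that the invariant was violated, so the caller bug that produced the empty entry stays hidden behind a plausible sort result. I would add a line to the comment such as `* An entry with neither dive nor trip set sorts first; two such entries compare equal.` and emit a warning or a debug-build assertion on these paths, using whatever diagnostic helper this file already has. The guards also leave the opposite violation of "exactly one" (both dive and trip set) to the existing dispatch order; from the visible lines that does not look like it dereferences NULL, but the rest of the function lies outside the hunk, so this is worth confirming.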