graphviz/graphviz-2.40.1-CVE-2018-10196.patch

17 lines
630 B
Diff
Raw Normal View History

diff --git a/lib/dotgen/conc.c b/lib/dotgen/conc.c
--- a/lib/dotgen/conc.c
+++ b/lib/dotgen/conc.c
@@ -159,7 +159,11 @@ static void rebuild_vlists(graph_t * g)
for (r = GD_minrank(g); r <= GD_maxrank(g); r++) {
lead = GD_rankleader(g)[r];
- if (GD_rank(dot_root(g))[r].v[ND_order(lead)] != lead) {
+ if (lead == NULL) {
+ agerr(AGERR, "rebuiltd_vlists: lead is null for rank %d\n", r);
+ longjmp(jbuf, 1);
+ }
+ else if (GD_rank(dot_root(g))[r].v[ND_order(lead)] != lead) {
agerr(AGERR, "rebuiltd_vlists: rank lead %s not in order %d of rank %d\n",
agnameof(lead), ND_order(lead), r);
longjmp(jbuf, 1);