graphviz/SOURCES/graphviz-2.40.1-CVE-2018-10196.patch
2021-10-08 11:37:41 +00:00

17 lines
630 B
Diff

diff --git a/lib/dotgen/conc.c b/lib/dotgen/conc.c
--- a/lib/dotgen/conc.c
+++ b/lib/dotgen/conc.c
@@ -159,7 +159,11 @@ static void rebuild_vlists(graph_t * g)
for (r = GD_minrank(g); r <= GD_maxrank(g); r++) {
lead = GD_rankleader(g)[r];
- if (GD_rank(dot_root(g))[r].v[ND_order(lead)] != lead) {
+ if (lead == NULL) {
+ agerr(AGERR, "rebuiltd_vlists: lead is null for rank %d\n", r);
+ longjmp(jbuf, 1);
+ }
+ else if (GD_rank(dot_root(g))[r].v[ND_order(lead)] != lead) {
agerr(AGERR, "rebuiltd_vlists: rank lead %s not in order %d of rank %d\n",
agnameof(lead), ND_order(lead), r);
longjmp(jbuf, 1);