adamwill / rpms / openscap

Forked from rpms/openscap 3 years ago
Clone

Blame SOURCES/openscap-1.2.18-cvrf-segfault.patch

d7b4b6
diff --git a/src/CVRF/cvrf_eval.c b/src/CVRF/cvrf_eval.c
d7b4b6
index 049b871f8..3bb39d109 100644
d7b4b6
--- a/src/CVRF/cvrf_eval.c
d7b4b6
+++ b/src/CVRF/cvrf_eval.c
d7b4b6
@@ -89,10 +89,14 @@ struct cvrf_session *cvrf_session_new_from_source_model(struct oscap_source *sou
d7b4b6
 	if (source == NULL)
d7b4b6
 		return NULL;
d7b4b6
 
d7b4b6
+	struct cvrf_model *model = cvrf_model_import(source);
d7b4b6
+	if (model == NULL) {
d7b4b6
+		return NULL;
d7b4b6
+	}
d7b4b6
 	struct cvrf_session *ret = malloc(sizeof(struct cvrf_session));
d7b4b6
 	ret->source = source;
d7b4b6
 	ret->index = NULL;
d7b4b6
-	ret->model = cvrf_model_import(source);
d7b4b6
+	ret->model = model;
d7b4b6
 	ret->os_name = NULL;
d7b4b6
 	ret->product_ids = oscap_stringlist_new();
d7b4b6
 	ret->def_model = oval_definition_model_new();
d7b4b6
@@ -225,6 +229,9 @@ struct oscap_source *cvrf_model_get_results_source(struct oscap_source *import_s
d7b4b6
 	if (import_source == NULL)
d7b4b6
 		return NULL;
d7b4b6
 	struct cvrf_session *session = cvrf_session_new_from_source_model(import_source);
d7b4b6
+	if (session == NULL) {
d7b4b6
+		return NULL;
d7b4b6
+	}
d7b4b6
 	cvrf_session_set_os_name(session, os_name);
d7b4b6
 
d7b4b6
 	if (find_all_cvrf_product_ids_from_cpe(session) != 0) {
d7b4b6
diff --git a/utils/oscap-cvrf.c b/utils/oscap-cvrf.c
d7b4b6
index 9a2441165..d6c571007 100644
d7b4b6
--- a/utils/oscap-cvrf.c
d7b4b6
+++ b/utils/oscap-cvrf.c
d7b4b6
@@ -99,20 +99,29 @@ static int app_cvrf_evaluate(const struct oscap_action *action) {
d7b4b6
 	// themselves
d7b4b6
 	const char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)";
d7b4b6
 	struct oscap_source *import_source = oscap_source_new_from_file(action->cvrf_action->f_cvrf);
d7b4b6
+
d7b4b6
+	int ret = oscap_source_validate(import_source, reporter, (void *) action);
d7b4b6
+	if (ret != 0) {
d7b4b6
+		result = OSCAP_ERROR;
d7b4b6
+		goto cleanup;
d7b4b6
+	}
d7b4b6
+
d7b4b6
 	struct oscap_source *export_source = cvrf_model_get_results_source(import_source, os_name);
d7b4b6
-	if (export_source == NULL)
d7b4b6
-		return -1;
d7b4b6
+	if (export_source == NULL) {
d7b4b6
+		result = OSCAP_ERROR;
d7b4b6
+		goto cleanup;
d7b4b6
+	}
d7b4b6
 
d7b4b6
 	if (oscap_source_save_as(export_source, action->cvrf_action->f_results) == -1) {
d7b4b6
 		result = OSCAP_ERROR;
d7b4b6
 		goto cleanup;
d7b4b6
 	}
d7b4b6
+	oscap_source_free(export_source);
d7b4b6
 
d7b4b6
 	cleanup:
d7b4b6
 		if (oscap_err())
d7b4b6
 			fprintf(stderr, "%s %s\n", OSCAP_ERR_MSG, oscap_err_desc());
d7b4b6
 
d7b4b6
-	oscap_source_free(export_source);
d7b4b6
 	free(action->cvrf_action);
d7b4b6
 	return result;
d7b4b6
 }