diff options
author | Andrea Azzarone <andrea.azzarone@canonical.com> | 2019-01-18 16:14:57 +0000 |
---|---|---|
committer | Andrea Azzarone <andrea.azzarone@canonical.com> | 2019-01-24 11:15:15 +0000 |
commit | 63c0a5d4413e53cb76089fda6f56b2d623c5de15 (patch) | |
tree | 03d6f2516b7e088e30c9a6e8b97b864f31de441e | |
parent | 9e6bccc2b9fd77cef4caf539e397765994cd1e59 (diff) | |
download | tracker-63c0a5d4413e53cb76089fda6f56b2d623c5de15.tar.gz |
tracker-monitor: Prevent stack smashing
Make sure to use GPOINTER_TO_UINT when using g_hash_table_lookup_extended() to
prevent stack smashing. This will make sure that in the architectures where
sizeof(GFileMonitorEvent) < sizeof(gpointer), g_hash_table_lookup_extended()
will not write more bytes than prev_event_type can hold.
Fixes: https://gitlab.gnome.org/GNOME/tracker/issues/71
-rw-r--r-- | src/libtracker-miner/tracker-monitor.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/libtracker-miner/tracker-monitor.c b/src/libtracker-miner/tracker-monitor.c index 6bbe3b315..ccf85976e 100644 --- a/src/libtracker-miner/tracker-monitor.c +++ b/src/libtracker-miner/tracker-monitor.c @@ -614,13 +614,15 @@ flush_cached_event (TrackerMonitor *monitor, GFile *file, gboolean is_directory) { - GFileMonitorEvent prev_event_type; + gpointer value = NULL; TrackerMonitorPrivate *priv; priv = tracker_monitor_get_instance_private (monitor); if (g_hash_table_lookup_extended (priv->cached_events, - file, NULL, (gpointer*) &prev_event_type)) { + file, NULL, &value)) { + GFileMonitorEvent prev_event_type = GPOINTER_TO_UINT (value); + g_hash_table_remove (priv->cached_events, file); emit_signal_for_event (monitor, prev_event_type, is_directory, file, NULL); |