Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(129)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/utility/safe_browsing/mac/udif.cc

Issue 2468263003: Fix a null-deref in safe_browsing::dmg::UDIFParser::ParseBlkx. (Closed)
Patch Set: Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/utility/safe_browsing/mac/udif.h" 5 #include "chrome/utility/safe_browsing/mac/udif.h"
6 6
7 #include <CoreFoundation/CoreFoundation.h> 7 #include <CoreFoundation/CoreFoundation.h>
8 #include <bzlib.h> 8 #include <bzlib.h>
9 #include <libkern/OSByteOrder.h> 9 #include <libkern/OSByteOrder.h>
10 #include <uuid/uuid.h> 10 #include <uuid/uuid.h>
(...skipping 476 matching lines...) Expand 10 before | Expand all | Expand 10 after
487 auto* blkx = base::mac::GetValueFromDictionary<CFArrayRef>(resource_fork, 487 auto* blkx = base::mac::GetValueFromDictionary<CFArrayRef>(resource_fork,
488 CFSTR("blkx")); 488 CFSTR("blkx"));
489 if (!blkx) { 489 if (!blkx) {
490 DLOG(ERROR) << "No blkx entry in resource-fork"; 490 DLOG(ERROR) << "No blkx entry in resource-fork";
491 return false; 491 return false;
492 } 492 }
493 493
494 for (CFIndex i = 0; i < CFArrayGetCount(blkx); ++i) { 494 for (CFIndex i = 0; i < CFArrayGetCount(blkx); ++i) {
495 auto* block_dictionary = 495 auto* block_dictionary =
496 base::mac::CFCast<CFDictionaryRef>(CFArrayGetValueAtIndex(blkx, i)); 496 base::mac::CFCast<CFDictionaryRef>(CFArrayGetValueAtIndex(blkx, i));
497 if (!block_dictionary) {
498 DLOG(ERROR) << "Skipping block " << i
499 << " because it is not a CFDictionary";
500 continue;
501 }
502
497 auto* data = base::mac::GetValueFromDictionary<CFDataRef>(block_dictionary, 503 auto* data = base::mac::GetValueFromDictionary<CFDataRef>(block_dictionary,
498 CFSTR("Data")); 504 CFSTR("Data"));
499 if (!data) { 505 if (!data) {
500 DLOG(ERROR) << "Skipping block " << i 506 DLOG(ERROR) << "Skipping block " << i
501 << " because it has no Data section"; 507 << " because it has no Data section";
502 continue; 508 continue;
503 } 509 }
504 510
505 // Copy the block table out of the plist. 511 // Copy the block table out of the plist.
506 std::unique_ptr<UDIFBlock> block(new UDIFBlock()); 512 std::unique_ptr<UDIFBlock> block(new UDIFBlock());
(...skipping 350 matching lines...) Expand 10 before | Expand all | Expand 10 after
857 << chunk_->compressed_offset; 863 << chunk_->compressed_offset;
858 return false; 864 return false;
859 } 865 }
860 return true; 866 return true;
861 } 867 }
862 868
863 } // namespace 869 } // namespace
864 870
865 } // namespace dmg 871 } // namespace dmg
866 } // namespace safe_browsing 872 } // namespace safe_browsing
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698