Bug 1170166

Summary: AUDIT-FIND: enlightenment: enlightenment_system: `_cb_l2ping_ping()` SEGFAULTs when no parameter is passed.
Product: [openSUSE] openSUSE Tumbleweed Reporter: Matthias Gerstner <matthias.gerstner>
Component: SecurityAssignee: Simon Lees <simonf.lees>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: matthias.gerstner, security-team
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1169238    

Description Matthias Gerstner 2020-04-22 09:30:41 UTC
+++ This bug was initially created as a clone of Bug #1169238

e) `_cb_l2ping_ping()` SEGFAULTs when no parameter is passed.

This function unconditionally dereferences the `params` string in a `sscanf()`
call, which causes a SEGFAULT by dereferencing a NULL pointer when a user is
not passing any parameter data.
Comment 1 Simon Lees 2020-04-22 11:03:30 UTC
Upstream: https://phab.enlightenment.org/T8674
Comment 3 Matthias Gerstner 2020-04-30 12:29:50 UTC
Well this one was simple enough. Looks fixed :)
Comment 4 Matthias Gerstner 2020-05-22 08:28:50 UTC
The fix made it into the upstream 0.24 release. Closing as fixed.