From: Darren Kenny <darren.ke...@oracle.com>
It appears to be possible that the mctx->state_log field may be NULL,
and the name of this function, clean_state_log_if_needed(), suggests
that it should be checking that it is valid to be cleaned before
assuming that it does.
Fixes: CID 86720
Signed-off-by: Darren Kenny <darren.ke...@oracle.com>
Reviewed-by: Daniel Kiper <daniel.ki...@oracle.com>
Signed-off-by: Robbie Harwood <rharw...@redhat.com>
---
lib/regexec.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/regexec.c b/lib/regexec.c
index 085bf27b0..d63b8800c 100644
--- a/lib/regexec.c
+++ b/lib/regexec.c
@@ -1657,6 +1657,9 @@ clean_state_log_if_needed (re_match_context_t *mctx, Idx
next_state_log_idx)
{
Idx top = mctx->state_log_top;
+ if (mctx->state_log == NULL)
+ return REG_NOERROR;
+
if ((next_state_log_idx >= mctx->input.bufs_len
&& mctx->input.bufs_len < mctx->input.len)
|| (next_state_log_idx >= mctx->input.valid_len
--
2.33.0
