From cd52c0efed4a56880da2048226b79fb317fe2dc9 Mon Sep 17 00:00:00 2001 From: GermanAizek Date: Wed, 20 Aug 2025 02:28:03 +0300 Subject: [PATCH] cborpretty: [CWE-476][CWE-690] fix indicator uncheck on NULL before dereference In 'get_indicator()' function 'resolve_indicator()' can return NULL. Check comment line: /* CborErrorUnexpectedEOF */ Affected CWE metrics: https://cwe.mitre.org/data/definitions/476.html https://cwe.mitre.org/data/definitions/690.html --- src/cborpretty.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/cborpretty.c b/src/cborpretty.c index 02b5706b..9f0e0a66 100644 --- a/src/cborpretty.c +++ b/src/cborpretty.c @@ -345,6 +345,8 @@ static CborError value_to_pretty(CborStreamFunction stream, void *out, CborValue /* recursive type */ CborValue recursed; const char *indicator = get_indicator(it, flags); + if (!indicator) + return err; const char *space = *indicator ? " " : indicator; err = stream(out, "%c%s%s", type == CborArrayType ? '[' : '{', indicator, space); @@ -389,8 +391,12 @@ static CborError value_to_pretty(CborStreamFunction stream, void *out, CborValue err = stream(out, "-18446744073709551616"); } } - if (!err) - err = stream(out, "%s", get_indicator(it, flags)); + if (!err) { + const char *indicator = get_indicator(it, flags); + if (!indicator) + return err; + err = stream(out, "%s", indicator); + } break; } @@ -452,7 +458,10 @@ static CborError value_to_pretty(CborStreamFunction stream, void *out, CborValue case CborTagType: { CborTag tag; cbor_value_get_tag(it, &tag); /* can't fail */ - err = stream(out, "%" PRIu64 "%s(", tag, get_indicator(it, flags)); + const char *indicator = get_indicator(it, flags); + if (!indicator) + return err; + err = stream(out, "%" PRIu64 "%s(", tag, indicator); if (!err) err = cbor_value_advance_fixed(it); if (!err && recursionsLeft > 0)