Package: newsbeuter / 2.9-8

16-fix-invalid-pointers.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Description: Fix a use after free in the rss parser
Origin: upstream, https://github.com/akrennmair/newsbeuter/commit/0ce0e6bfa8ba96014c89cbee3ddd3be54808e3d1
Bug: https://github.com/akrennmair/newsbeuter/pull/287

--- a/src/rss_parser.cpp
+++ b/src/rss_parser.cpp
@@ -142,14 +142,14 @@
 
 void rss_parser::download_http(const std::string& uri) {
 	unsigned int retrycount = cfgcont->get_configvalue_as_int("download-retries");
-	char * proxy = NULL;
-	char * proxy_auth = NULL;
+	std::string proxy;
+	std::string proxy_auth;
 	std::string proxy_type;
 	is_valid = false;
 
 	if (cfgcont->get_configvalue_as_bool("use-proxy") == true) {
-		proxy = const_cast<char *>(cfgcont->get_configvalue("proxy").c_str());
-		proxy_auth = const_cast<char *>(cfgcont->get_configvalue("proxy-auth").c_str());
+		proxy = cfgcont->get_configvalue("proxy");
+		proxy_auth = cfgcont->get_configvalue("proxy-auth");
 		proxy_type = cfgcont->get_configvalue("proxy-type");
 	}
 
@@ -157,7 +157,7 @@
 		try {
 			std::string useragent = utils::get_useragent(cfgcont);
 			LOG(LOG_DEBUG, "rss_parser::download_http: user-agent = %s", useragent.c_str());
-			rsspp::parser p(cfgcont->get_configvalue_as_int("download-timeout"), useragent.c_str(), proxy, proxy_auth, utils::get_proxy_type(proxy_type));
+			rsspp::parser p(cfgcont->get_configvalue_as_int("download-timeout"), useragent.c_str(), proxy.c_str(), proxy_auth.c_str(), utils::get_proxy_type(proxy_type));
 			time_t lm = 0;
 			std::string etag;
 			if (!ign || !ign->matches_lastmodified(uri)) {