From 968780d8da4a7a1d30ca1e17faec55de2e528390 Mon Sep 17 00:00:00 2001 From: Philip Withnall Date: Wed, 20 Nov 2013 17:38:01 +0000 Subject: [PATCH] gtktreeselection: Fix potential NULL pointer dereferences _gtk_rbtree_first() can potentially return NULL if the RB tree is empty, which would result in NULL pointer dereferences in the GtkTreeSelection code. Gracefully handle them. Found by scan-build. https://bugzilla.gnome.org/show_bug.cgi?id=712760 --- gtk/gtktreeselection.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/gtk/gtktreeselection.c b/gtk/gtktreeselection.c index f797ee3059..778d76427a 100644 --- a/gtk/gtktreeselection.c +++ b/gtk/gtktreeselection.c @@ -596,7 +596,7 @@ gtk_tree_selection_get_selected_rows (GtkTreeSelection *selection, node = _gtk_rbtree_first (tree); path = gtk_tree_path_new_first (); - do + while (node != NULL) { if (GTK_RBNODE_FLAG_SET (node, GTK_RBNODE_IS_SELECTED)) list = g_list_prepend (list, gtk_tree_path_copy (path)); @@ -638,7 +638,6 @@ gtk_tree_selection_get_selected_rows (GtkTreeSelection *selection, while (!done); } } - while (TRUE); gtk_tree_path_free (path); @@ -653,6 +652,8 @@ gtk_tree_selection_count_selected_rows_helper (GtkRBTree *tree, { gint *count = (gint *)data; + g_return_if_fail (node != NULL); + if (GTK_RBNODE_FLAG_SET (node, GTK_RBNODE_IS_SELECTED)) (*count)++; @@ -789,7 +790,7 @@ gtk_tree_selection_selected_foreach (GtkTreeSelection *selection, /* find the node internally */ path = gtk_tree_path_new_first (); - do + while (node != NULL) { if (GTK_RBNODE_FLAG_SET (node, GTK_RBNODE_IS_SELECTED)) { @@ -838,7 +839,6 @@ gtk_tree_selection_selected_foreach (GtkTreeSelection *selection, while (!done); } } - while (TRUE); out: if (path) @@ -1614,6 +1614,8 @@ gtk_tree_selection_real_select_node (GtkTreeSelection *selection, gboolean toggle = FALSE; GtkTreePath *path = NULL; + g_return_val_if_fail (node != NULL, FALSE); + select = !! select; if (GTK_RBNODE_FLAG_SET (node, GTK_RBNODE_IS_SELECTED) != select)