From 251bab3e719857b6bd1e9ad5c6ab37c26a22a3ba Mon Sep 17 00:00:00 2001 From: Philip Withnall Date: Wed, 21 Dec 2022 19:16:10 +0000 Subject: [PATCH] gobject: Add a missing NULL check for the return from lookup_type_node_I() This can cause a `NULL` dereference on the next line if there is no `TypeNode` for `iface_type`, for example if `iface_type == G_TYPE_INVALID`. Unlikely, but possible since this API is public. Spotted by Coverity. Signed-off-by: Philip Withnall Coverity CID: #1501602 --- gobject/gtype.c | 2 +- gobject/tests/type-flags.c | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/gobject/gtype.c b/gobject/gtype.c index 77feb7d4a..8665db294 100644 --- a/gobject/gtype.c +++ b/gobject/gtype.c @@ -4161,7 +4161,7 @@ g_type_check_instance_is_a (GTypeInstance *type_instance, return FALSE; iface = lookup_type_node_I (iface_type); - if (iface->is_final) + if (iface && iface->is_final) return type_instance->g_class->g_type == iface_type; node = lookup_type_node_I (type_instance->g_class->g_type); diff --git a/gobject/tests/type-flags.c b/gobject/tests/type-flags.c index 23313c68e..653cb9b01 100644 --- a/gobject/tests/type-flags.c +++ b/gobject/tests/type-flags.c @@ -130,6 +130,8 @@ test_type_flags_final_instance_check (void) TEST_TYPE_DEPRECATED)); g_assert_true (g_type_check_instance_is_a ((GTypeInstance *) final, G_TYPE_OBJECT)); + g_assert_false (g_type_check_instance_is_a ((GTypeInstance *) final, + G_TYPE_INVALID)); g_clear_object (&final); } @@ -184,6 +186,8 @@ test_type_flags_deprecated (void) G_TYPE_OBJECT)); g_assert_false (g_type_check_instance_is_a ((GTypeInstance *) deprecated_object, TEST_TYPE_FINAL)); + g_assert_false (g_type_check_instance_is_a ((GTypeInstance *) deprecated_object, + G_TYPE_INVALID)); g_test_assert_expected_messages ();