blob: 4746265eeb302b2a38dd7c9b84fbd21b4d7d8dd0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
From a95f977f5d809915ec4b14836d2b5b7f5e74881e Mon Sep 17 00:00:00 2001
From: Matthew Fernandez <matthew.fernandez@gmail.com>
Date: Fri, 12 Jan 2024 17:06:17 +1100
Subject: [PATCH] gvc: detect plugin installation failure and display an error
Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/a95f977f5d809915ec4b14836d2b5b7f5e74881e]
CVE: CVE-2023-46045
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
lib/gvc/gvconfig.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c
index 95e8c6c..77d0865 100644
--- a/lib/gvc/gvconfig.c
+++ b/lib/gvc/gvconfig.c
@@ -188,6 +188,10 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s)
do {
const char *api = token(&nest, &s);
const api_t gv_api = gvplugin_api(api);
+ if (gv_api == (api_t)-1) {
+ agerr(AGERR, "config error: %s %s not found\n", package_path, api);
+ return 0;
+ }
do {
if (nest == 2) {
type = token(&nest, &s);
--
2.40.0
|
