https://git.reactos.org/?p=reactos.git;a=commitdiff;h=42515190c53d45e282a8d… commit 42515190c53d45e282a8d6eea4dfa917bfc1f170 Author: Julian Kirsch <kirschju(a)sec.in.tum.de> AuthorDate: Wed Feb 13 13:12:52 2019 +0100 Commit: Hermès BÉLUSCA - MAÏTO <hermes.belusca-maito(a)reactos.org> CommitDate: Wed Feb 13 13:12:52 2019 +0100 [NSLOOKUP] Fix crash in case of no network connectivity (#1354) Prevent nslookup.exe from crashing when executed in a ROS VM with no network interfaces. This is due to a NULL pointer dereference occurring if `GetNetworkParams` in `main` fails with an error other than `ERROR_BUFFER_OVERFLOW`. In this case, `pNetInfo` remains initialized to NULL, causing `strncpy` to crash. --- base/applications/network/nslookup/nslookup.c | 35 +++++++++++++++------------ 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/base/applications/network/nslookup/nslookup.c b/base/applications/network/nslookup/nslookup.c index 6f80dfae1e..d86803eb3a 100644 --- a/base/applications/network/nslookup/nslookup.c +++ b/base/applications/network/nslookup/nslookup.c @@ -792,26 +792,31 @@ int main( int argc, char* argv[] ) /* We don't know how long of a buffer it will want to return. So we'll pass an empty one now and let it fail only once, instead of guessing. */ Status = GetNetworkParams( pNetInfo, &NetBufLen ); - if( Status == ERROR_BUFFER_OVERFLOW ) + + if( Status != ERROR_BUFFER_OVERFLOW ) { - pNetInfo = (PFIXED_INFO)HeapAlloc( ProcessHeap, 0, NetBufLen ); - if( pNetInfo == NULL ) - { - _tprintf( _T("ERROR: Out of memory\n") ); + _tprintf( _T("Error in GetNetworkParams call\n") ); - return -1; - } + return -2; + } - /* For real this time. */ - Status = GetNetworkParams( pNetInfo, &NetBufLen ); - if( Status != NO_ERROR ) - { - _tprintf( _T("Error in GetNetworkParams call\n") ); + pNetInfo = (PFIXED_INFO)HeapAlloc( ProcessHeap, 0, NetBufLen ); + if( pNetInfo == NULL ) + { + _tprintf( _T("ERROR: Out of memory\n") ); - HeapFree( ProcessHeap, 0, pNetInfo ); + return -1; + } - return -2; - } + /* For real this time. */ + Status = GetNetworkParams( pNetInfo, &NetBufLen ); + if( Status != NO_ERROR ) + { + _tprintf( _T("Error in GetNetworkParams call\n") ); + + HeapFree( ProcessHeap, 0, pNetInfo ); + + return -2; } strncpy( State.domain, pNetInfo->DomainName, 255 );