Null pointer dereferencies in src/v4l.c, src/remote.c, src/screen.c, src/user.c #266
Description
Additional context
Our company uses x11vnc in our product. I am working on static analysis, and one of my tasks was to scan x11vnc package. During the scan, I found some null pointer dereferencies in code:
Describe errors
-
https://github.com/LibVNC/x11vnc/blob/master/src/v4l.c#L721
Pointer p get the value in https://github.com/LibVNC/x11vnc/blob/master/src/v4l.c#L716 using strpbrk and can be NULL. Need to check that pointer p is not NULL before dereferencing as in https://github.com/LibVNC/x11vnc/blob/master/src/v4l.c#L717 -
https://github.com/LibVNC/x11vnc/blob/master/src/remote.c#L184
Pointer dpy can be NULL, need to check that pointer p is not NULL before dereferencing as in https://github.com/LibVNC/x11vnc/blob/master/src/remote.c#L121 -
https://github.com/LibVNC/x11vnc/blob/master/src/remote.c#L569
In https://github.com/LibVNC/x11vnc/blob/master/src/remote.c#L574 checks that screen is not NULL, while in https://github.com/LibVNC/x11vnc/blob/master/src/remote.c#L569 checks that screen->httpDir is not NULL, which can lead to a null pointer dereference if screen is NULL -
https://github.com/LibVNC/x11vnc/blob/master/src/screen.c#L2943
Pointer fb can be NULL, need to check that pointer fb is not NULL before dereferencing. -
https://github.com/LibVNC/x11vnc/blob/master/src/screen.c#L4506
Pointer screen can be NULL, so screen->deferUpdateTime can result in a null pointer dereference. Need to check that pointer screen is not NULL before dereferencing as in https://github.com/LibVNC/x11vnc/blob/master/src/screen.c#L4485 -
https://github.com/LibVNC/x11vnc/blob/master/src/user.c#L2637
Pointer keep_unixpw_user can be NULL. Need to check that pointer keep_unixpw_user is not NULL before dereferencing as in https://github.com/LibVNC/x11vnc/blob/master/src/user.c#L2565