fix null pointer dereference in dcngettext under specific conditions

if setlocale has not been called, the current locale's messages_name
may be a null pointer. the code path where it's assumed to be non-null
was only reachable if bindtextdomain had already been called, which is
normally not done in programs which do not call setlocale, so the
omitted check went unnoticed.

patch from Void Linux, with description rewritten.

diff --git a/src/locale/dcngettext.c b/src/locale/dcngettext.c
index 0057cb56b30221a0ab420df68e084099ed57b44d..30dd41d4d83c9d06b70cda9b5c4fe4c33971852e 100644 (file)
--- a/src/locale/dcngettext.c
+++ b/src/locale/dcngettext.c
@@ -132,7 +132,7 @@ char *dcngettext(const char *domainname, const char *msgid1, const char *msgid2,
        switch (category) {
        case LC_MESSAGES:
                locname = loc->messages_name;
-               if (!*locname) goto notrans;
+               if (!locname || !*locname) goto notrans;
                break;
        case LC_TIME:
        case LC_MONETARY: