File nautilus-CVE-2022-37290.patch of Package nautilus
Index: nautilus-41.5/src/nautilus-dbus-manager.c
===================================================================
--- nautilus-41.5.orig/src/nautilus-dbus-manager.c
+++ nautilus-41.5/src/nautilus-dbus-manager.c
@@ -187,6 +187,11 @@ handle_create_folder (NautilusDBusFileOp
file = g_file_new_for_uri (uri);
basename = g_file_get_basename (file);
parent_file = g_file_get_parent (file);
+ if (parent_file == NULL || basename == NULL)
+ {
+ g_dbus_method_invocation_return_error (invocation, G_FILE_ERROR, G_FILE_ERROR_EXIST, "Invalid uri: %s", uri);
+ return TRUE;
+ }
parent_file_uri = g_file_get_uri (parent_file);
handle_create_folder_internal (parent_file_uri, basename, NULL);
Index: nautilus-41.5/src/nautilus-file-operations.c
===================================================================
--- nautilus-41.5.orig/src/nautilus-file-operations.c
+++ nautilus-41.5/src/nautilus-file-operations.c
@@ -1019,6 +1019,12 @@ get_basename (GFile *file)
if (name == NULL)
{
basename = g_file_get_basename (file);
+
+ if (basename == NULL)
+ {
+ return g_strdup (_("unknown"));
+ }
+
if (g_utf8_validate (basename, -1, NULL))
{
name = basename;
@@ -4361,6 +4367,7 @@ get_unique_target_file (GFile *src,
if (dest == NULL)
{
basename = g_file_get_basename (src);
+ g_assert (basename == NULL);
if (g_utf8_validate (basename, -1, NULL))
{