dcmtk/SOURCES/0020-CVE-2021-41689-Fixed-possible-NULL-pointer-dereference.patch

From 0e507235266dab0f9046a94231c3eb09fc27ceca Mon Sep 17 00:00:00 2001
From: Michael Onken <onken@open-connections.de>
Date: Wed, 15 Sep 2021 09:04:12 +0200
Subject: [PATCH 20/22] [CVE-2021-41689] Fixed possible NULL pointer
 dereference.

Thanks to Jinsheng Ba <bajinsheng@u.nus.edu> for the report and patch.

(cherry picked from commit 5c14bf53fb42ceca12bbcc0016e8704b1580920d)
---
 dcmnet/libsrc/diutil.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/dcmnet/libsrc/diutil.cc b/dcmnet/libsrc/diutil.cc
index 856143d8c..fc446dd43 100644
--- a/dcmnet/libsrc/diutil.cc
+++ b/dcmnet/libsrc/diutil.cc
@@ -177,7 +177,8 @@ DU_getStringDOElement(DcmItem *obj, DcmTagKey t, char *s, size_t bufsize)
             s[0] = '\0';
         } else {
             ec =  elem->getString(aString);
-            OFStandard::strlcpy(s, aString, bufsize);
+            if (ec == EC_Normal)
+                OFStandard::strlcpy(s, aString, bufsize);
         }
     }
     return (ec == EC_Normal);
-- 
2.39.2