From fcd9e3aba122a220af617a802c4f47bad4b51e64 Mon Sep 17 00:00:00 2001
From: Jaroslav Rohel <jrohel@redhat.com>
Date: Fri, 7 Dec 2018 07:05:10 +0100
Subject: [PATCH] Fix: Dereference of null pointer
Reply-To: muislam@microsoft.com
CVE: CVE-2018-20532 CVE-2018-20533 CVE-2018-20534

Upstream-Status: Backport

Signed-off-by: Muminul Islam <muislam@microsoft.com>

Cherry picked from  https://github.com/openSUSE/libsolv/pull/291/commits

---
 ext/repo_repomdxml.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/repo_repomdxml.c b/ext/repo_repomdxml.c
index 760d481f..b2a5b8dd 100644
--- a/ext/repo_repomdxml.c
+++ b/ext/repo_repomdxml.c
@@ -181,7 +181,7 @@ startElement(struct solv_xmlparser *xmlp, int state, const char *name, const cha
             while (value)
 	      {
 		char *p = strchr(value, ',');
-		if (*p)
+		if (p)
 		  *p++ = 0;
 		if (*value)
 		  repodata_add_poolstr_array(pd->data, SOLVID_META, REPOSITORY_UPDATES, value);
-- 
2.23.0