From 318e30601ca03f6a8d92b661af6358635eb41603 Mon Sep 17 00:00:00 2001
From: Thijs <Thijsjuh97@hotmail.com>
Date: Tue, 1 Oct 2024 14:34:50 +0200
Subject: [PATCH] Fix NULL pointer dereference in tgetstr function
 (CVE-2023-45918)

---
 ncurses/tinfo/lib_termcap.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ncurses/tinfo/lib_termcap.c b/ncurses/tinfo/lib_termcap.c
index 5ce43a3c4..99ed2b3d3 100644
--- a/ncurses/tinfo/lib_termcap.c
+++ b/ncurses/tinfo/lib_termcap.c
@@ -369,6 +369,7 @@ NCURSES_SP_NAME(tgetstr) (NCURSES_SP_DCLx const char *id, char **area)
 	    result = tp->Strings[j];
 	    TR(TRACE_DATABASE, ("found match %d: %s", j, _nc_visbuf(result)));
 	    /* setupterm forces canceled strings to null */
+	    if(result != NULL) {
 	    if (VALID_STRING(result)) {
 		if (result == exit_attribute_mode
 		    && FIX_SGR0 != 0) {
@@ -381,6 +382,9 @@ NCURSES_SP_NAME(tgetstr) (NCURSES_SP_DCLx const char *id, char **area)
 		    result = *area;
 		    *area += strlen(*area) + 1;
 		}
+		}
+	    } else {
+	    TR(TRACE_DATABASE, ("tgetstr returned NULL for id: %s", id));
 	    }
 	}
     }