[iconv] Fix possible null-pointer dereference.
Checks
| Context |
Check |
Description |
| dj/TryBot-apply_patch |
success
|
Patch applied to master at the time it was sent
|
Commit Message
This issue was found by SVACE static analyzer.
Dereference can appear at line 665 and there are no
obvious checks of `irrecersible` ptr value.
And seems that we can't be sure that this pointer
isn't NULL.
---
iconv/skeleton.c | 1 +
1 file changed, 1 insertion(+)
Comments
On Mär 31 2022, Dmitry Chestnyh wrote:
> diff --git a/iconv/skeleton.c b/iconv/skeleton.c
> index 0356dbf92b..a296a9f944 100644
> --- a/iconv/skeleton.c
> +++ b/iconv/skeleton.c
> @@ -659,6 +659,7 @@ FUNCTION_NAME (struct __gconv_step *step, struct __gconv_step_data *data,
> /* Store information about how many bytes are available. */
> data->__outbuf = outbuf;
>
> + assert(irreversible != NULL);
> /* Remember how many non-identical characters we
> converted in an irreversible way. */
> *irreversible += lirreversible;
I don't think this function is ever called with irreversible == NULL.
In fact, there is such an assertion in __gconv.
On Mär 31 2022, Andreas Schwab wrote:
> On Mär 31 2022, Dmitry Chestnyh wrote:
>
>> diff --git a/iconv/skeleton.c b/iconv/skeleton.c
>> index 0356dbf92b..a296a9f944 100644
>> --- a/iconv/skeleton.c
>> +++ b/iconv/skeleton.c
>> @@ -659,6 +659,7 @@ FUNCTION_NAME (struct __gconv_step *step, struct __gconv_step_data *data,
>> /* Store information about how many bytes are available. */
>> data->__outbuf = outbuf;
>>
>> + assert(irreversible != NULL);
>> /* Remember how many non-identical characters we
>> converted in an irreversible way. */
>> *irreversible += lirreversible;
>
> I don't think this function is ever called with irreversible == NULL.
> In fact, there is such an assertion in __gconv.
Except that __gconv_transliterate does pass NULL here.
So the patch may be useful?
It may actually be possible to reach this point with irreversible ==
NULL.
@@ -659,6 +659,7 @@ FUNCTION_NAME (struct __gconv_step *step, struct __gconv_step_data *data,
/* Store information about how many bytes are available. */
data->__outbuf = outbuf;
+ assert(irreversible != NULL);
/* Remember how many non-identical characters we
converted in an irreversible way. */
*irreversible += lirreversible;