dwfl_segment_report_module.c: Fix potential NULL pointer dereference in handle_file_note
Message ID | 20241023110809.2385085-1-ant.v.moryakov@gmail.com |
---|---|
State | Dropped |
Delegated to: | Mark Wielaard |
Series | dwfl_segment_report_module.c: Fix potential NULL pointer dereference in handle_file_note |
Commit Message
Anton Moryakov
Oct. 23, 2024, 11:08 a.m. UTC
From: AntonMoryakov <ant.v.moryakov@gmail.com>
- Added a check to ensure `retval` is not NULL before using it in `strcmp` to prevent a segmentation fault.
- This resolves the issue where `retval` could be NULL when passed to `strcmp`, which could cause a crash.
---
libdwfl/dwfl_segment_report_module.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
Hi Anton,

On Wed, 2024-10-23 at 14:08 +0300, ant.v.moryakov@gmail.com wrote:
> From: AntonMoryakov <ant.v.moryakov@gmail.com>
>
> - Added a check to ensure `retval` is not NULL before using it in `strcmp` to prevent a segmentation fault.
> - This resolves the issue where `retval` could be NULL when passed to `strcmp`, which could cause a crash.

Are you sure? A testcase would be nice.

> ---
> libdwfl/dwfl_segment_report_module.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libdwfl/dwfl_segment_report_module.c b/libdwfl/dwfl_segment_report_module.c
> index 32f44af8..d2512cb3 100644
> --- a/libdwfl/dwfl_segment_report_module.c
> +++ b/libdwfl/dwfl_segment_report_module.c
> @@ -205,7 +205,7 @@ handle_file_note (GElf_Addr module_start, GElf_Addr module_end,
> return NULL;
> if (mix == firstix)
> retval = fptr;
> - if (firstix < mix && mix <= lastix && strcmp (fptr, retval) != 0)
> + if (retval != NULL && firstix < mix && mix <= lastix && strcmp (fptr, retval) != 0)
> return NULL;
> fptr = fnext + 1;
> }

This came up before so maybe a comment could be added.
https://inbox.sourceware.org/elfutils-devel/20240702111528.GA29242@gnu.wildebeest.org/

How did you determine this patch was necessary?
It seems that retval is definitely set in this case.

Cheers,

Mark
diff --git a/libdwfl/dwfl_segment_report_module.c b/libdwfl/dwfl_segment_report_module.c index 32f44af8..d2512cb3 100644 --- a/libdwfl/dwfl_segment_report_module.c +++ b/libdwfl/dwfl_segment_report_module.c @@ -205,7 +205,7 @@ handle_file_note (GElf_Addr module_start, GElf_Addr module_end, return NULL; if (mix == firstix) retval = fptr; - if (firstix < mix && mix <= lastix && strcmp (fptr, retval) != 0) + if (retval != NULL && firstix < mix && mix <= lastix && strcmp (fptr, retval) != 0) return NULL; fptr = fnext + 1; }
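Review bot: the added `retval != NULL` test in the `strcmp` condition of `handle_file_note` is not justified by the lines shown, and if it ever fired it would hide a mismatch instead of rejecting it. The statement directly above assigns `retval = fptr` when `mix == firstix`, and the comparison is only evaluated when `firstix < mix`, so the guard is dead code whenever `mix` reaches `firstix` before any larger value (the loop header is outside this hunk). If there is a path where `retval` is still NULL here, short-circuiting the condition skips the `return NULL` and execution continues with `fptr = fnext + 1`, accepting an entry that was never compared. Suggest either dropping the change and adding a one-line comment above the condition stating why `retval` is already set, or providing an input that reaches the `strcmp` with `retval == NULL` and returning NULL for that case explicitly.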