Message ID | 20241023111414.2385429-1-ant.v.moryakov@gmail.com |
---|---|
State | Dropped |
Delegated to: | Mark Wielaard |
Series |
objdump.c: potential NULL pointer dereference in handle_ar
|
|
Commit Message
Anton Moryakov
Oct. 23, 2024, 11:14 a.m. UTC
From: AntonMoryakov <ant.v.moryakov@gmail.com>
- Added a check to ensure `arhdr` is not NULL before using it in `strcmp` to avoid segmentation fault.
- This resolves the issue where the pointer returned from `elf_getarhdr` may be NULL and causes a crash when dereferenced.
---
src/objdump.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Comments
Hi Anton, On Wed, 2024-10-23 at 14:14 +0300, ant.v.moryakov@gmail.com wrote: > From: AntonMoryakov <ant.v.moryakov@gmail.com> > > - Added a check to ensure `arhdr` is not NULL before using it in `strcmp` to avoid segmentation fault. > - This resolves the issue where the pointer returned from `elf_getarhdr` may be NULL and causes a crash when dereferenced. Kind of the same questions/comments as for previous patches. Please sign your work, keep with current coding style and if you have a testcase that would be ideal. > --- > src/objdump.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/src/objdump.c b/src/objdump.c > index 1b38da23..33b6fec5 100644 > --- a/src/objdump.c > +++ b/src/objdump.c > @@ -313,7 +313,8 @@ handle_ar (int fd, Elf *elf, const char *prefix, const char *fname, > Elf_Arhdr *arhdr = elf_getarhdr (subelf); > > /* Skip over the index entries. */ > - if (strcmp (arhdr->ar_name, "/") != 0 > + if (arhdr != NULL > + && strcmp (arhdr->ar_name, "/") != 0 > && strcmp (arhdr->ar_name, "//") != 0) > { > if (elf_kind (subelf) == ELF_K_ELF) I think it would be better to do a separate check for arhdr being NULL, that should normally not happen imho. Then do an INTERNAL_ERROR (fname) to stop processing and report the libelf error. e.g something like: diff --git a/src/objdump.c b/src/objdump.c index 1b38da23266d..94cc69cb0f6a 100644 --- a/src/objdump.c +++ b/src/objdump.c @@ -311,6 +311,8 @@ handle_ar (int fd, Elf *elf, const char *prefix, const char *fname, { /* The the header for this element. */ Elf_Arhdr *arhdr = elf_getarhdr (subelf); + if (ahdr == NULL) + INTERNAL_ERROR (fname); /* Skip over the index entries. */ if (strcmp (arhdr->ar_name, "/") != 0 Cheers, Mark
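Review bot: In the suggested hunk, the added check tests `ahdr`, whereas the pointer assigned from `elf_getarhdr (subelf)` on the line above it is `arhdr`; the check should read `if (arhdr == NULL)` so that it guards the pointer that the following `strcmp (arhdr->ar_name, "/")` dereferences. The context comment "The the header for this element" also carries a doubled word that could be fixed while touching these lines.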
diff --git a/src/objdump.c b/src/objdump.c index 1b38da23..33b6fec5 100644 --- a/src/objdump.c +++ b/src/objdump.c @@ -313,7 +313,8 @@ handle_ar (int fd, Elf *elf, const char *prefix, const char *fname, Elf_Arhdr *arhdr = elf_getarhdr (subelf); /* Skip over the index entries. */ - if (strcmp (arhdr->ar_name, "/") != 0 + if (arhdr != NULL + && strcmp (arhdr->ar_name, "/") != 0 && strcmp (arhdr->ar_name, "//") != 0) { if (elf_kind (subelf) == ELF_K_ELF)
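Review bot: Folding `arhdr != NULL` into the index-entry condition means that when `elf_getarhdr (subelf)` returns NULL the member falls through the same path as a "/" or "//" index entry, and nothing in the visible lines reports the failure. A separate check placed directly after the `elf_getarhdr` call, reporting the libelf error as the reply proposes with `INTERNAL_ERROR (fname)`, would keep the "Skip over the index entries" test about index entries only and make the unexpected NULL visible. The commit message also has no Signed-off-by line and no testcase showing an archive for which `elf_getarhdr` returns NULL.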