FIX #74: DEREF_OF_NULL.RET.STAT in ar.c

Message ID 20241106151639.90144-1-ant.v.moryakov@gmail.com
State Rejected
Series FIX #74: DEREF_OF_NULL.RET.STAT in ar.c

Commit Message

Anton Moryakov Nov. 6, 2024, 3:16 p.m. UTC
  Report of the static analyzer:
Pointer, returned from function 'elf_getarhdr' 
at ar.c:498, may be NULL and is dereferenced at ar.c:500.

Corrections explained:
The issue is that the pointer returned by elf_getarhdr(subelf) may be NULL, 
but it is directly dereferenced without a NULL check. 
This fix adds a NULL check before using arhdr, preventing a potential null dereference.
This check ensures that the code safely handles cases when elf_getarhdr returns NULL, 
avoiding unexpected crashes.

Found by RASU JSC.

Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>

---
 elfutils/src/ar.c | 6 ++++++
 1 file changed, 6 insertions(+)

--
2.30.2
  

Patch

diff --git a/elfutils/src/ar.c b/elfutils/src/ar.c
index d70f1f4..6ffd1eb 100644
--- a/elfutils/src/ar.c
+++ b/elfutils/src/ar.c
@@ -497,6 +497,11 @@  do_oper_extract (int oper, const char *arfname, char **argv, int argc,
     {
       Elf_Arhdr *arhdr = elf_getarhdr (subelf);
 
+	  if (arhdr == NULL)
+	{
+		goto next;
+	}
+
       if (strcmp (arhdr->ar_name, "/") == 0)
 	{
 	  index_off = elf_getaroff (subelf);
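
Review bot: The new `if (arhdr == NULL)` branch jumps to `next` without reporting anything, so an archive member whose header cannot be read is silently skipped and the caller still sees a normal run. Emit a diagnostic naming `arfname` and the libelf error (`elf_errmsg (-1)`) and record a failing status before the jump, so that a malformed archive is visible to the user. The `next` label is outside the visible context, so please confirm that it still advances to the following member and releases `subelf` when reached from this point, before `index_off` has been set. Style: the added lines mix a tab with spaces and put the brace at a shallower indent than the `if`, while the surrounding code uses GNU style (`if` at six spaces, brace two columns further in), and the braces around the single `goto next;` can be dropped.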