[PATCH] null ptr deref
Wed Jul 25 14:59:00 GMT 2007
Hi Joseph, Hi Michael,
> If out_list can be null, then we'll crash when we dereference it
> on the next loop iteration. If it can't, then why test it?
> I don't know if I've chosen the best way to deal with it if it is
> null -- open to suggestions.
There appear to be several more problems with _bfd_elf_merge_object_attributes,
in addition to the one that Michael found:
* out_list is set to the object attribute list from the input bfd not the
* in_list->tag is examined after setting "in_list = in_list->next" without
  checking to see if in_list is NULL.
* in_attr->s is used to check for extra tags in the output list when it
  might actually be set to NULL.
Joseph - I am attaching a tidy-up and fix-up of elf-attrs.c. If you think
that it is OK, please could you check it in. In addition to attempting to fix
the bugs above, and the problem Michael found, I have also tried to use
#defined constants in the place of numeric constants in order to make the code
easier to read. There were several places however where the number 4 was used
and I could not work out how this number was derived. Possibly it was meant to
be one more than Tag_Symbol, but I was not sure. If you could find a way of
replacing 4 with a more meaningful string that would be great.
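The traversal bugs listed in the message above, shown as a guarded loop. This is an added example, not the attached patch and not binutils code: `attr_node`, `check_attr_lists`, `same_value`, the result enum and the sample lists are all hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified node; not the binutils structure. */
struct attr_node {
    int tag;
    const char *s;              /* string value, may be NULL */
    struct attr_node *next;
};

enum merge_result { MERGE_OK, MERGE_MISMATCH, MERGE_EXTRA_IN, MERGE_EXTRA_OUT };

/* Compare string values without passing NULL to strcmp(). */
static int same_value(const struct attr_node *a, const struct attr_node *b)
{
    if (a->s == NULL || b->s == NULL)
        return a->s == b->s;    /* equal only when both are NULL */
    return strcmp(a->s, b->s) == 0;
}

/* Walk both lists in step; every pointer is tested before it is used. */
enum merge_result check_attr_lists(const struct attr_node *out_list,
                                   const struct attr_node *in_list)
{
    while (in_list != NULL && out_list != NULL) {
        if (in_list->tag != out_list->tag || !same_value(in_list, out_list))
            return MERGE_MISMATCH;
        in_list = in_list->next;    /* may become NULL: re-tested by the loop */
        out_list = out_list->next;
    }
    if (in_list != NULL)
        return MERGE_EXTRA_IN;      /* input has tags the output lacks */
    if (out_list != NULL)
        return MERGE_EXTRA_OUT;     /* output has tags the input lacks */
    return MERGE_OK;
}

/* Constructed sample lists (tag numbers are arbitrary). */
struct attr_node in2 = { 17, NULL, NULL }, in1 = { 16, "v1", &in2 };
struct attr_node out2 = { 17, NULL, NULL }, out1 = { 16, "v1", &out2 };
struct attr_node out_short = { 16, "v1", NULL }, out_null_s = { 16, NULL, NULL };

int main(void)
{
    printf("%d %d %d %d\n", check_attr_lists(&out1, &in1),
           check_attr_lists(&out_short, &in1),
           check_attr_lists(&out_null_s, &in1),
           check_attr_lists(NULL, &in1));
    return 0;
}
```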