PR25900, RISC-V: null pointer dereference
Palmer Dabbelt
palmer@dabbelt.com
Tue May 5 23:27:49 GMT 2020
On Thu, 30 Apr 2020 23:01:28 PDT (-0700), binutils@sourceware.org wrote:
> PR 25900
> * elfnn-riscv.c (_bfd_riscv_relax_section): Check root.type before
> accessing root.u.def of symbols. Also check root.u.def.section
> is non-NULL. Reverse tests so as to make the logic positive.
>
> diff --git a/bfd/elfnn-riscv.c b/bfd/elfnn-riscv.c
> index 8fcb1067fd..473bf50f2d 100644
> --- a/bfd/elfnn-riscv.c
> +++ b/bfd/elfnn-riscv.c
> @@ -4161,15 +4161,16 @@ _bfd_riscv_relax_section (bfd *abfd, asection *sec,
> symval = 0;
> sym_sec = bfd_und_section_ptr;
> }
> - else if (h->root.u.def.section->output_section == NULL
> - || (h->root.type != bfd_link_hash_defined
> - && h->root.type != bfd_link_hash_defweak))
> - continue;
> - else
> + else if ((h->root.type == bfd_link_hash_defined
> + || h->root.type == bfd_link_hash_defweak)
> + && h->root.u.def.section != NULL
> + && h->root.u.def.section->output_section != NULL)
> {
> symval = h->root.u.def.value;
> sym_sec = h->root.u.def.section;
> }
> + else
> + continue;
>
> if (h->type != STT_FUNC)
> reserve_size =
Thanks!
More information about the Binutils
mailing list