[patch] srec.c, avoid null ptr issues

public inbox for binutils@sourceware.org
 help / color / mirror / Atom feed

* [patch] srec.c, avoid null ptr issues
@ 2007-07-25 23:06 msnyder
  2007-07-26 11:41 ` Alan Modra
  0 siblings, 1 reply; 2+ messages in thread
From: msnyder @ 2007-07-25 23:06 UTC (permalink / raw)
  To: binutils

[-- Attachment #1: Type: text/plain, Size: 123 bytes --]

If symcount is zero there's not much to do, and if csymbols
is null we're going to dereference it (by way of alias to c).


[-- Attachment #2: srec.txt --]
[-- Type: text/plain, Size: 1241 bytes --]

2007-07-25  Michael Snyder  <msnyder@access-company.com>

	* srec.c (srec_canonicalize_symtab): Bail out if symcount == 0.

Index: srec.c
===================================================================
RCS file: /cvs/src/src/bfd/srec.c,v
retrieving revision 1.42
diff -p -r1.42 srec.c
*** srec.c	3 Jul 2007 14:26:42 -0000	1.42
--- srec.c	25 Jul 2007 22:31:41 -0000
*************** srec_canonicalize_symtab (bfd *abfd, asy
*** 1131,1138 ****
        struct srec_symbol *s;
  
        csymbols = bfd_alloc (abfd, symcount * sizeof (asymbol));
!       if (csymbols == NULL && symcount != 0)
! 	return 0;
        abfd->tdata.srec_data->csymbols = csymbols;
  
        for (s = abfd->tdata.srec_data->symbols, c = csymbols;
--- 1131,1138 ----
        struct srec_symbol *s;
  
        csymbols = bfd_alloc (abfd, symcount * sizeof (asymbol));
!       if (csymbols == NULL)
! 	goto error_return;
        abfd->tdata.srec_data->csymbols = csymbols;
  
        for (s = abfd->tdata.srec_data->symbols, c = csymbols;
*************** srec_canonicalize_symtab (bfd *abfd, asy
*** 1150,1155 ****
--- 1150,1156 ----
  
    for (i = 0; i < symcount; i++)
      *alocation++ = csymbols++;
+  error_return:
    *alocation = NULL;
  
    return symcount;

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [patch] srec.c, avoid null ptr issues
  2007-07-25 23:06 [patch] srec.c, avoid null ptr issues msnyder
@ 2007-07-26 11:41 ` Alan Modra
  0 siblings, 0 replies; 2+ messages in thread
From: Alan Modra @ 2007-07-26 11:41 UTC (permalink / raw)
  To: msnyder; +Cc: binutils

On Wed, Jul 25, 2007 at 03:42:21PM -0700, msnyder@sonic.net wrote:
> If symcount is zero there's not much to do, and if csymbols
> is null we're going to dereference it (by way of alias to c).

No, because if symcount is zero, abfd->tdata.srec_data->symbols must
be NULL.  When looking at this, I noticed the return value on
error was wrong.  Tidied as follows.

	* srec.c (srec_canonicalize_symtab): Don't alloc when symcount
	is zero.  Correct return value on error.
	* mmo.c (mmo_canonicalize_symtab): Likewise.
	* binary.c (binary_canonicalize_symtab) Correct return on error.

Index: bfd/srec.c
===================================================================
RCS file: /cvs/src/src/bfd/srec.c,v
retrieving revision 1.42
diff -u -p -r1.42 srec.c
--- bfd/srec.c	3 Jul 2007 14:26:42 -0000	1.42
+++ bfd/srec.c	26 Jul 2007 10:06:32 -0000
@@ -1125,14 +1125,14 @@ srec_canonicalize_symtab (bfd *abfd, asy
   unsigned int i;
 
   csymbols = abfd->tdata.srec_data->csymbols;
-  if (csymbols == NULL)
+  if (csymbols == NULL && symcount != 0)
     {
       asymbol *c;
       struct srec_symbol *s;
 
       csymbols = bfd_alloc (abfd, symcount * sizeof (asymbol));
-      if (csymbols == NULL && symcount != 0)
-	return 0;
+      if (csymbols == NULL)
+	return -1;
       abfd->tdata.srec_data->csymbols = csymbols;
 
       for (s = abfd->tdata.srec_data->symbols, c = csymbols;
Index: bfd/binary.c
===================================================================
RCS file: /cvs/src/src/bfd/binary.c,v
retrieving revision 1.33
diff -u -p -r1.33 binary.c
--- bfd/binary.c	3 Jul 2007 14:26:39 -0000	1.33
+++ bfd/binary.c	26 Jul 2007 10:06:11 -0000
@@ -169,7 +169,7 @@ binary_canonicalize_symtab (bfd *abfd, a
 
   syms = bfd_alloc (abfd, amt);
   if (syms == NULL)
-    return 0;
+    return -1;
 
   /* Start symbol.  */
   syms[0].the_bfd = abfd;
Index: bfd/mmo.c
===================================================================
RCS file: /cvs/src/src/bfd/mmo.c,v
retrieving revision 1.36
diff -u -p -r1.36 mmo.c
--- bfd/mmo.c	3 Jul 2007 14:26:42 -0000	1.36
+++ bfd/mmo.c	26 Jul 2007 10:06:29 -0000
@@ -2097,7 +2097,7 @@ mmo_canonicalize_symtab (bfd *abfd, asym
   unsigned int i;
 
   csymbols = abfd->tdata.mmo_data->csymbols;
-  if (csymbols == NULL)
+  if (csymbols == NULL && symcount != 0)
     {
       asymbol *c;
       struct mmo_symbol *s;
@@ -2119,8 +2119,8 @@ mmo_canonicalize_symtab (bfd *abfd, asym
 	     mmo_sort_mmo_symbols);
 
       csymbols = (asymbol *) bfd_alloc (abfd, symcount * sizeof (asymbol));
-      if (csymbols == NULL && symcount != 0)
-	return FALSE;
+      if (csymbols == NULL)
+	return -1;
       abfd->tdata.mmo_data->csymbols = csymbols;
 
       for (msp = (struct mmo_symbol **) alocation, c = csymbols;

-- 
Alan Modra
Australia Development Lab, IBM

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2007-07-26 11:12 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-07-25 23:06 [patch] srec.c, avoid null ptr issues msnyder
2007-07-26 11:41 ` Alan Modra

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).