* ubsan: som_is_space null dereference
@ 2022-09-14 0:41 Alan Modra
From: Alan Modra @ 2022-09-14 0:41 UTC
To: binutils
On objcopy of fuzzed file.
* som.c (som_write_fixups): Exit loop if space sections all
processed.
diff --git a/bfd/som.c b/bfd/som.c
index c22f13b5a4c..38c574a97c8 100644
--- a/bfd/som.c
+++ b/bfd/som.c
@@ -2933,8 +2933,10 @@ som_write_fixups (bfd *abfd,
asection *subsection;
/* Find a space. */
- while (!som_is_space (section))
+ while (section && !som_is_space (section))
section = section->next;
+ if (!section)
+ break;
/* Now iterate through each of its subspaces. */
for (subsection = abfd->sections;
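Review bot: the new `if (!section) break;` after the space search leaves the enclosing loop silently, so som_write_fixups carries on as though every space had been handled. The only explanation is the log entry ("Exit loop if space sections all processed"). A short comment above the check saying that the section list can run out before the enclosing loop expects it to (as with the fuzzed input) would make the intent clear in the source. It is also worth stating whether that condition should be reported as a malformed-file error rather than treated as normal completion, since the visible lines do not show what the caller sees in this case.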
--
Alan Modra
Australia Development Lab, IBM
* Re: ubsan: som_is_space null dereference
From: Jeff Law @ 2022-09-14 0:52 UTC
To: binutils
On 9/13/22 18:41, Alan Modra via Binutils wrote:
> On objcopy of fuzzed file.
>
> * som.c (som_write_fixups): Exit loop if space sections all
> processed.
Fuzzing SOM objects. That's dedication. No doubt there's more of this
lurking in those dusty corners.
jeff