ubsan: Null dereference in parse

public inbox for binutils@sourceware.org
 help / color / mirror / Atom feed

* ubsan: Null dereference in parse_module
@ 2022-03-17 11:02 Alan Modra
  0 siblings, 0 replies; only message in thread
From: Alan Modra @ 2022-03-17 11:02 UTC (permalink / raw)
  To: binutils

	* vms-alpha.c (parse_module): Sanity check that DST__K_RTNBEG
	has set module->func_table for DST__K_RTNEND.  Check return
	of bfd_zalloc.

diff --git a/bfd/vms-alpha.c b/bfd/vms-alpha.c
index 4a92574c850..1129c98f0e2 100644
--- a/bfd/vms-alpha.c
+++ b/bfd/vms-alpha.c
@@ -4352,9 +4352,13 @@ parse_module (bfd *abfd, struct module *module, unsigned char *ptr,
 
   /* Initialize tables with zero element.  */
   curr_srec = (struct srecinfo *) bfd_zalloc (abfd, sizeof (struct srecinfo));
+  if (!curr_srec)
+    return false;
   module->srec_table = curr_srec;
 
   curr_line = (struct lineinfo *) bfd_zalloc (abfd, sizeof (struct lineinfo));
+  if (!curr_line)
+    return false;
   module->line_table = curr_line;
 
   while (length == -1 || ptr < maxptr)
@@ -4389,6 +4393,8 @@ parse_module (bfd *abfd, struct module *module, unsigned char *ptr,
 	case DST__K_RTNBEG:
 	  funcinfo = (struct funcinfo *)
 	    bfd_zalloc (abfd, sizeof (struct funcinfo));
+	  if (!funcinfo)
+	    return false;
 	  funcinfo->name
 	    = _bfd_vms_save_counted_string (abfd, ptr + DST_S_B_RTNBEG_NAME,
 					    maxptr - (ptr + DST_S_B_RTNBEG_NAME));
@@ -4401,6 +4407,8 @@ parse_module (bfd *abfd, struct module *module, unsigned char *ptr,
 	  break;
 
 	case DST__K_RTNEND:
+	  if (!module->func_table)
+	    return false;
 	  module->func_table->high = module->func_table->low
 	    + bfd_getl32 (ptr + DST_S_L_RTNEND_SIZE) - 1;
 

-- 
Alan Modra
Australia Development Lab, IBM

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2022-03-17 11:02 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-17 11:02 ubsan: Null dereference in parse_module Alan Modra

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).