diff options
| author | Alan Modra <amodra@gmail.com> | 2022-03-17 20:05:39 +1030 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2022-03-17 21:32:44 +1030 |
| commit | c9178f285acf19e066be8367185d52837161b0a2 (patch) | |
| tree | b5014cb5ac6631b09d1a3db92e2f2625eacd5a41 | |
| parent | 98c445c0b98c8da183e9bfad32df3936a8d7fd35 (diff) | |
| download | binutils-c9178f285acf19e066be8367185d52837161b0a2.zip binutils-c9178f285acf19e066be8367185d52837161b0a2.tar.gz binutils-c9178f285acf19e066be8367185d52837161b0a2.tar.bz2 | |
ubsan: Null dereference in parse_module
* vms-alpha.c (parse_module): Sanity check that DST__K_RTNBEG
has set module->func_table for DST__K_RTNEND. Check return
of bfd_zalloc.
| -rw-r--r-- | bfd/vms-alpha.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/bfd/vms-alpha.c b/bfd/vms-alpha.c index 4a92574..1129c98 100644 --- a/bfd/vms-alpha.c +++ b/bfd/vms-alpha.c @@ -4352,9 +4352,13 @@ parse_module (bfd *abfd, struct module *module, unsigned char *ptr, /* Initialize tables with zero element. */ curr_srec = (struct srecinfo *) bfd_zalloc (abfd, sizeof (struct srecinfo)); + if (!curr_srec) + return false; module->srec_table = curr_srec; curr_line = (struct lineinfo *) bfd_zalloc (abfd, sizeof (struct lineinfo)); + if (!curr_line) + return false; module->line_table = curr_line; while (length == -1 || ptr < maxptr) @@ -4389,6 +4393,8 @@ parse_module (bfd *abfd, struct module *module, unsigned char *ptr, case DST__K_RTNBEG: funcinfo = (struct funcinfo *) bfd_zalloc (abfd, sizeof (struct funcinfo)); + if (!funcinfo) + return false; funcinfo->name = _bfd_vms_save_counted_string (abfd, ptr + DST_S_B_RTNBEG_NAME, maxptr - (ptr + DST_S_B_RTNBEG_NAME)); @@ -4401,6 +4407,8 @@ parse_module (bfd *abfd, struct module *module, unsigned char *ptr, break; case DST__K_RTNEND: + if (!module->func_table) + return false; module->func_table->high = module->func_table->low + bfd_getl32 (ptr + DST_S_L_RTNEND_SIZE) - 1; |