Hi Anton,

On Thu, Feb 13, 2025 at 08:19:44PM +0300, Anton Moryakov wrote:
> Static analyzer reported:
> Return value of a function 'elf_getdata' is dereferenced at unstrip.c:1977
> without checking for NULL, but it is usually checked for this function
> (97/101).
>
> Corrections explained:
> - Added a check for NULL for the symstrdata variable before calling
> dwelf_strtab_finalize.
> - If symstrdata is NULL, the program exits with an error.
>
> Triggers found by static analyzer Svace.
>
> Signed-off-by: Anton Moryakov <[email protected]>
> ---
> src/unstrip.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/src/unstrip.c b/src/unstrip.c
> index d70053de..35c04700 100644
> --- a/src/unstrip.c
> +++ b/src/unstrip.c
> @@ -1974,6 +1974,9 @@ more sections in stripped file than debug file --
> arguments reversed?"));
> }
> }
>
> + if (symstrdata == NULL)
> + error_exit (0, "Failed to get data from symbol string table");
> +
> if (dwelf_strtab_finalize (symstrtab, symstrdata) == NULL)
> error_exit (0, "Not enough memory to create symbol table");
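
Review bot: the new error_exit in front of dwelf_strtab_finalize prints a fixed string and drops the libelf error, so a user who hits it cannot tell why elf_getdata failed. Pass elf_errmsg (-1) into the message, for example error_exit (0, "cannot get symbol string table data: %s", elf_errmsg (-1)). The check also guards only this one use of symstrdata, so confirm that nothing between the assignment and this point touches the pointer first.
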
If you check this, why not at the point where elf_getdata is called
(where symstrdata is assigned)? And then you should also check the other
elf_getdata call at the same time here:

    symdata = elf_getdata (unstripped_symtab, NULL);
    symstrdata = elf_getdata (unstripped_strtab, NULL);

Thanks,

Mark